Bumped to release 1.9.0

Merge remote-tracking branch 'origin/l10n_master'
New translations messages.en.xlf (English)
2026-02-21 17:22:28 +01:00 · 2023-11-25 20:07:51 +01:00 · 2023-11-25 20:07:17 +01:00 · 2023-11-25 20:05:34 +01:00 · 2023-11-25 20:05:23 +01:00 · 2023-11-25 20:00:08 +01:00
863 changed files with 74222 additions and 16939 deletions
--- a/.docker/partdb-entrypoint.sh
+++ b/.docker/partdb-entrypoint.sh
@@ -39,6 +39,9 @@ if [ -d /var/www/html/var/db ]; then
    fi
 fi

+# Start PHP-FPM
+service php8.1-fpm start
+
 # first arg is `-f` or `--some-option` (taken from https://github.com/docker-library/php/blob/master/8.2/bullseye/apache/docker-php-entrypoint)
 if [ "${1#-}" != "$1" ]; then
 	set -- apache2-foreground "$@"
--- a/.docker/symfony.conf
+++ b/.docker/symfony.conf
@@ -26,13 +26,22 @@

        # Pass the configuration from the docker env to the PHP environment (here you should list all .env options)
        PassEnv APP_ENV APP_DEBUG APP_SECRET
-        PassEnv DATABASE_URL
-        PassEnv DEFAULT_LANG DEFAULT_TIMEZONE BASE_CURRENCY INSTANCE_NAME ALLOW_ATTACHMENT_DOWNLOADS USE_GRAVATAR
+        PassEnv TRUSTED_PROXIES TRUSTED_HOSTS LOCK_DSN
+        PassEnv DATABASE_URL ENFORCE_CHANGE_COMMENTS_FOR
+        PassEnv DEFAULT_LANG DEFAULT_TIMEZONE BASE_CURRENCY INSTANCE_NAME ALLOW_ATTACHMENT_DOWNLOADS USE_GRAVATAR MAX_ATTACHMENT_FILE_SIZE DEFAULT_URI CHECK_FOR_UPDATES
        PassEnv MAILER_DSN ALLOW_EMAIL_PW_RESET EMAIL_SENDER_EMAIL EMAIL_SENDER_NAME
-        PassEnv HISTORY_SAVE_CHANGED_FIELDS HISTORY_SAVE_CHANGED_DATA HISTORY_SAVE_REMOVED_DATA
+        PassEnv HISTORY_SAVE_CHANGED_FIELDS HISTORY_SAVE_CHANGED_DATA HISTORY_SAVE_REMOVED_DATA HISTORY_SAVE_NEW_DATA
        PassEnv ERROR_PAGE_ADMIN_EMAIL ERROR_PAGE_SHOW_HELP
        PassEnv DEMO_MODE NO_URL_REWRITE_AVAILABLE FIXER_API_KEY BANNER
+        # In old version the SAML sp private key env, was wrongly named SAMLP_SP_PRIVATE_KEY, keep it for backward compatibility
+        PassEnv SAML_ENABLED SAML_BEHIND_PROXY SAML_ROLE_MAPPING SAML_UPDATE_GROUP_ON_LOGIN SAML_IDP_ENTITY_ID SAML_IDP_SINGLE_SIGN_ON_SERVICE SAML_IDP_SINGLE_LOGOUT_SERVICE SAML_IDP_X509_CERT SAML_SP_ENTITY_ID SAML_SP_X509_CERT SAML_SP_PRIVATE_KEY SAMLP_SP_PRIVATE_KEY
+        PassEnv TABLE_DEFAULT_PAGE_SIZE TABLE_PARTS_DEFAULT_COLUMNS

+        PassEnv PROVIDER_DIGIKEY_CLIENT_ID PROVIDER_DIGIKEY_SECRET PROVIDER_DIGIKEY_CURRENCY PROVIDER_DIGIKEY_LANGUAGE PROVIDER_DIGIKEY_COUNTRY
+        PassEnv PROVIDER_ELEMENT14_KEY PROVIDER_ELEMENT14_STORE_ID
+        PassEnv PROVIDER_TME_KEY PROVIDER_TME_SECRET PROVIDER_TME_CURRENCY PROVIDER_TME_LANGUAGE PROVIDER_TME_COUNTRY PROVIDER_TME_GET_GROSS_PRICES
+        PassEnv PROVIDER_OCTOPART_CLIENT_ID PROVIDER_OCTOPART_SECRET PROVIDER_OCTOPART_CURRENCY PROVIDER_OCTOPART_COUNTRY PROVIDER_OCTOPART_SEARCH_LIMIT PROVIDER_OCTOPART_ONLY_AUTHORIZED_SELLERS
+        PassEnv PROVIDER_MOUSER_KEY PROVIDER_MOUSER_SEARCH_OPTION PROVIDER_MOUSER_SEARCH_LIMIT PROVIDER_MOUSER_SEARCH_WITH_SIGNUP_LANGUAGE

        # For most configuration files from conf-available/, which are
        # enabled or disabled at a global level, it is possible to
--- a/.env
+++ b/.env
@@ -31,6 +31,21 @@ INSTANCE_NAME="Part-DB"
 ALLOW_ATTACHMENT_DOWNLOADS=0
 # Use gravatars for user avatars, when user has no own avatar defined
 USE_GRAVATAR=0
+# The maximum allowed size for attachment files in bytes (you can use M for megabytes and G for gigabytes)
+# Please note that the php.ini setting upload_max_filesize also limits the maximum size of uploaded files
+MAX_ATTACHMENT_FILE_SIZE="100M"
+
+# The public reachable URL of this Part-DB installation. This is used for generating links to the website in emails and so on
+# This must end with a slash!
+DEFAULT_URI="https://partdb.changeme.invalid/"
+
+# With this option you can configure, where users are enforced to give a change reason, which will be logged
+# This is a comma separated list of values, see documentation for available values
+# Leave this empty, to make all change reasons optional
+ENFORCE_CHANGE_COMMENTS_FOR=""
+
+# Disable that if you do not want that Part-DB connects to GitHub to check for available updates, or if your server can not connect to the internet
+CHECK_FOR_UPDATES=1

 ###################################################################################
 # Email settings
@@ -59,6 +74,9 @@ HISTORY_SAVE_CHANGED_FIELDS=1
 HISTORY_SAVE_CHANGED_DATA=1
 # Save the data of an element that gets removed into log entry. This allows to undelete an element
 HISTORY_SAVE_REMOVED_DATA=1
+# Save the new data of an element that gets changed or added. This allows an easy comparison of the old and new data on the detail page
+# This option only becomes active when HISTORY_SAVE_CHANGED_DATA is set to 1
+HISTORY_SAVE_NEW_DATA=1

 ###################################################################################
 # Error pages settings
@@ -69,6 +87,114 @@ ERROR_PAGE_ADMIN_EMAIL=''
 # If this is set to true, solutions to common problems are shown on error pages. Disable this, if you do not want your users to see them...
 ERROR_PAGE_SHOW_HELP=1

+##################################################################################
+# Part table settings
+##################################################################################
+
+# The default page size for the part table (set to -1 to show all parts on one page)
+TABLE_DEFAULT_PAGE_SIZE=50
+# Configure which columns will be visible by default in the parts table (and in which order).
+# This is a comma separated list of column names. See documentation for available values.
+TABLE_PARTS_DEFAULT_COLUMNS=name,description,category,footprint,manufacturer,storage_location,amount
+
+##################################################################################
+# Info provider settings
+##################################################################################
+
+# Digikey Provider:
+# You can get your client id and secret from https://developer.digikey.com/
+PROVIDER_DIGIKEY_CLIENT_ID=
+PROVIDER_DIGIKEY_SECRET=
+# The currency to get prices in
+PROVIDER_DIGIKEY_CURRENCY=EUR
+# The language to get results in (en, de, fr, it, es, zh, ja, ko)
+PROVIDER_DIGIKEY_LANGUAGE=en
+# The country to get results for
+PROVIDER_DIGIKEY_COUNTRY=DE
+
+# Farnell Provider:
+# You can get your API key from https://partner.element14.com/
+PROVIDER_ELEMENT14_KEY=
+# Configure the store domain you want to use. This decides the language and currency of results. You can get a list of available stores from https://partner.element14.com/docs/Product_Search_API_REST__Description
+PROVIDER_ELEMENT14_STORE_ID=de.farnell.com
+
+# TME Provider:
+# You can get your API key from https://developers.tme.eu/en/
+PROVIDER_TME_KEY=
+PROVIDER_TME_SECRET=
+# The currency to get prices in
+PROVIDER_TME_CURRENCY=EUR
+# The language to get results in (en, de, pl)
+PROVIDER_TME_LANGUAGE=en
+# The country to get results for
+PROVIDER_TME_COUNTRY=DE
+# Set this to 1 to get gross prices (including VAT) instead of net prices
+PROVIDER_TME_GET_GROSS_PRICES=1
+
+# Octopart / Nexar Provider:
+# You can get your API key from https://nexar.com/api
+PROVIDER_OCTOPART_CLIENT_ID=
+PROVIDER_OCTOPART_SECRET=
+# The currency and country to get prices for (you have to set both to get meaningful results)
+# 3 letter ISO currency code (e.g. EUR, USD, GBP)
+PROVIDER_OCTOPART_CURRENCY=EUR
+# 2 letter ISO country code (e.g. DE, US, GB)
+PROVIDER_OCTOPART_COUNTRY=DE
+# The number of results to get from Octopart while searching (please note that this counts towards your API limits)
+PROVIDER_OCTOPART_SEARCH_LIMIT=10
+# Set to false to include non authorized offers in the results
+PROVIDER_OCTOPART_ONLY_AUTHORIZED_SELLERS=1
+
+# Mouser Provider API V2:
+# You can get your API key from https://www.mouser.it/api-hub/
+PROVIDER_MOUSER_KEY=
+# Filter search results by RoHS compliance and stock availability:
+# Available options: None | Rohs | InStock | RohsAndInStock
+PROVIDER_MOUSER_SEARCH_OPTION='None'
+# The number of results to get from Mouser while searching (please note that this value is max 50)
+PROVIDER_MOUSER_SEARCH_LIMIT=50
+# It is recommended to leave this set to 'true'. The option is not really good doumented by Mouser:
+# Used when searching for keywords in the language specified when you signed up for Search API.
+PROVIDER_MOUSER_SEARCH_WITH_SIGNUP_LANGUAGE='true'
+
+###################################################################################
+# SAML Single sign on-settings
+###################################################################################
+# Set this to 1 to enable SAML single sign on
+SAML_ENABLED=0
+
+# Set to 1, if your Part-DB installation is behind a reverse proxy and you want to use SAML
+SAML_BEHIND_PROXY=0
+
+# A JSON encoded array of role mappings in the form { "saml_role": PARTDB_GROUP_ID, "*": PARTDB_GROUP_ID }
+# The first match is used, so the order is important! Put the group mapping with the most privileges first.
+# Please not to only use single quotes to enclose the JSON string
+SAML_ROLE_MAPPING='{}'
+# A mapping could look like the following
+#SAML_ROLE_MAPPING='{ "*": 2, "admin": 1, "editor": 3}'
+
+# When this is set to 1, the group of SAML users will be updated everytime they login based on their SAML roles
+SAML_UPDATE_GROUP_ON_LOGIN=1
+
+# The entity ID of your SAML IDP (e.g. the realm name of your Keycloak server)
+SAML_IDP_ENTITY_ID="https://idp.changeme.invalid/realms/master"
+# The URL of your SAML IDP SingleSignOnService (e.g. the endpoint of your Keycloak server)
+SAML_IDP_SINGLE_SIGN_ON_SERVICE="https://idp.changeme.invalid/realms/master/protocol/saml"
+# The URL of your SAML IDP SingleLogoutService (e.g. the endpoint of your Keycloak server)
+SAML_IDP_SINGLE_LOGOUT_SERVICE="https://idp.changeme.invalid/realms/master/protocol/saml"
+# The public certificate of the SAML IDP (e.g. the certificate of your Keycloak server)
+SAML_IDP_X509_CERT="MIIC..."
+
+# The entity of your SAML SP, must match the SP entityID configured in your SAML IDP (e.g. Keycloak).
+# This should be a the domain name of your Part-DB installation, followed by "/sp"
+SAML_SP_ENTITY_ID="https://partdb.changeme.invalid/sp"
+
+# The public certificate of the SAML SP
+SAML_SP_X509_CERT="MIIC..."
+# The private key of the SAML SP
+SAML_SP_PRIVATE_KEY="MIIE..."
+
+
 ######################################################################################
 # Other settings
 ######################################################################################
@@ -91,7 +217,7 @@ APP_SECRET=a03498528f5a5fc089273ec9ae5b2849


 # Set the trusted IPs here, when using an reverse proxy
-#TRUSTED_PROXIES=127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
+#TRUSTED_PROXIES=127.0.0.0/8,::1,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
 #TRUSTED_HOSTS='^(localhost|example\.com)$'


@@ -100,3 +226,7 @@ APP_SECRET=a03498528f5a5fc089273ec9ae5b2849
 # postgresql+advisory://db_user:db_password@localhost/db_name
 LOCK_DSN=flock
 ###< symfony/lock ###
+
+###> nelmio/cors-bundle ###
+CORS_ALLOW_ORIGIN='^https?://(localhost|127\.0\.0\.1)(:[0-9]+)?$'
+###< nelmio/cors-bundle ###
--- a/.gitattributes
+++ b/.gitattributes
@@ -0,0 +1,2 @@
+# For sh files, always use LF line endings
+*.sh text eol=lf
--- a/.github/assets/legacy_import/db_jbtronics.sql
+++ b/.github/assets/legacy_import/db_jbtronics.sql
@@ -0,0 +1,752 @@
+-- phpMyAdmin SQL Dump
+-- version 5.1.3
+-- https://www.phpmyadmin.net/
+--
+-- Host: 127.0.0.1
+-- Erstellungszeit: 07. Mai 2023 um 01:58
+-- Server-Version: 10.6.5-MariaDB-log
+-- PHP-Version: 8.1.2
+
+SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
+START TRANSACTION;
+SET time_zone = "+00:00";
+
+
+/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
+/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
+/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
+/*!40101 SET NAMES utf8mb4 */;
+
+--
+-- Datenbank: `partdb_demo`
+--
+
+-- --------------------------------------------------------
+
+--
+-- Tabellenstruktur für Tabelle `attachements`
+--
+
+CREATE TABLE `attachements` (
+  `id` int(11) NOT NULL,
+  `name` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `class_name` varchar(255) COLLATE utf8mb3_unicode_ci NOT NULL,
+  `element_id` int(11) NOT NULL,
+  `type_id` int(11) NOT NULL,
+  `filename` mediumtext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `show_in_table` tinyint(1) NOT NULL DEFAULT 0,
+  `last_modified` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00'
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci;
+
+--
+-- Daten für Tabelle `attachements`
+--
+
+INSERT INTO `attachements` (`id`, `name`, `class_name`, `element_id`, `type_id`, `filename`, `show_in_table`, `last_modified`) VALUES
+(1, 'BC547', 'Part', 2, 2, '%BASE%/data/media/bc547.pdf', 1, '0000-00-00 00:00:00');
+
+-- --------------------------------------------------------
+
+--
+-- Tabellenstruktur für Tabelle `attachement_types`
+--
+
+CREATE TABLE `attachement_types` (
+  `id` int(11) NOT NULL,
+  `name` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `parent_id` int(11) DEFAULT NULL,
+  `comment` text COLLATE utf8mb3_unicode_ci DEFAULT NULL,
+  `datetime_added` timestamp NOT NULL DEFAULT current_timestamp(),
+  `last_modified` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00'
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci;
+
+--
+-- Daten für Tabelle `attachement_types`
+--
+
+INSERT INTO `attachement_types` (`id`, `name`, `parent_id`, `comment`, `datetime_added`, `last_modified`) VALUES
+(1, 'Bilder', NULL, NULL, '2017-10-21 17:58:48', '0000-00-00 00:00:00'),
+(2, 'Datenblätter', NULL, NULL, '2017-10-21 17:58:48', '0000-00-00 00:00:00');
+
+-- --------------------------------------------------------
+
+--
+-- Tabellenstruktur für Tabelle `categories`
+--
+
+CREATE TABLE `categories` (
+  `id` int(11) NOT NULL,
+  `name` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `parent_id` int(11) DEFAULT NULL,
+  `disable_footprints` tinyint(1) NOT NULL DEFAULT 0,
+  `disable_manufacturers` tinyint(1) NOT NULL DEFAULT 0,
+  `disable_autodatasheets` tinyint(1) NOT NULL DEFAULT 0,
+  `disable_properties` tinyint(1) NOT NULL DEFAULT 0,
+  `partname_regex` text COLLATE utf8mb3_unicode_ci NOT NULL,
+  `partname_hint` text COLLATE utf8mb3_unicode_ci NOT NULL,
+  `default_description` text COLLATE utf8mb3_unicode_ci NOT NULL,
+  `default_comment` text COLLATE utf8mb3_unicode_ci NOT NULL,
+  `comment` text COLLATE utf8mb3_unicode_ci DEFAULT NULL,
+  `datetime_added` timestamp NOT NULL DEFAULT current_timestamp(),
+  `last_modified` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00'
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci;
+
+--
+-- Daten für Tabelle `categories`
+--
+
+INSERT INTO `categories` (`id`, `name`, `parent_id`, `disable_footprints`, `disable_manufacturers`, `disable_autodatasheets`, `disable_properties`, `partname_regex`, `partname_hint`, `default_description`, `default_comment`, `comment`, `datetime_added`, `last_modified`) VALUES
+(1, 'aktive Bauteile', NULL, 0, 0, 0, 0, '', '', '', '', NULL, '2017-10-21 17:58:49', '0000-00-00 00:00:00');
+
+-- --------------------------------------------------------
+
+--
+-- Tabellenstruktur für Tabelle `devices`
+--
+
+CREATE TABLE `devices` (
+  `id` int(11) NOT NULL,
+  `name` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `parent_id` int(11) DEFAULT NULL,
+  `order_quantity` int(11) NOT NULL DEFAULT 0,
+  `order_only_missing_parts` tinyint(1) NOT NULL DEFAULT 0,
+  `datetime_added` timestamp NOT NULL DEFAULT current_timestamp(),
+  `last_modified` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00',
+  `comment` text COLLATE utf8mb3_unicode_ci DEFAULT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci;
+
+--
+-- Daten für Tabelle `devices`
+--
+
+INSERT INTO `devices` (`id`, `name`, `parent_id`, `order_quantity`, `order_only_missing_parts`, `datetime_added`, `last_modified`, `comment`) VALUES
+(1, 'Test', NULL, 0, 0, '2015-04-16 15:08:56', '0000-00-00 00:00:00', NULL);
+
+-- --------------------------------------------------------
+
+--
+-- Tabellenstruktur für Tabelle `device_parts`
+--
+
+CREATE TABLE `device_parts` (
+  `id` int(11) NOT NULL,
+  `id_part` int(11) NOT NULL DEFAULT 0,
+  `id_device` int(11) NOT NULL DEFAULT 0,
+  `quantity` int(11) NOT NULL DEFAULT 0,
+  `mountnames` mediumtext COLLATE utf8mb3_unicode_ci NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci;
+
+--
+-- Daten für Tabelle `device_parts`
+--
+
+INSERT INTO `device_parts` (`id`, `id_part`, `id_device`, `quantity`, `mountnames`) VALUES
+(1, 2, 1, 1, '');
+
+-- --------------------------------------------------------
+
+--
+-- Tabellenstruktur für Tabelle `footprints`
+--
+
+CREATE TABLE `footprints` (
+  `id` int(11) NOT NULL,
+  `name` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `filename` mediumtext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `filename_3d` mediumtext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `parent_id` int(11) DEFAULT NULL,
+  `comment` text COLLATE utf8mb3_unicode_ci DEFAULT NULL,
+  `datetime_added` timestamp NOT NULL DEFAULT current_timestamp(),
+  `last_modified` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00'
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci;
+
+--
+-- Daten für Tabelle `footprints`
+--
+
+INSERT INTO `footprints` (`id`, `name`, `filename`, `filename_3d`, `parent_id`, `comment`, `datetime_added`, `last_modified`) VALUES
+(1, 'LEDs', '%BASE%/img/footprints/Optik/LEDs/Bedrahtet/LED-GELB_3MM.png', '', NULL, NULL, '2017-10-21 17:58:49', '0000-00-00 00:00:00');
+
+-- --------------------------------------------------------
+
+--
+-- Tabellenstruktur für Tabelle `groups`
+--
+
+CREATE TABLE `groups` (
+  `id` int(11) NOT NULL,
+  `name` varchar(32) NOT NULL,
+  `parent_id` int(11) DEFAULT NULL,
+  `comment` mediumtext DEFAULT NULL,
+  `perms_system` int(11) NOT NULL,
+  `perms_groups` int(11) NOT NULL,
+  `perms_users` int(11) NOT NULL,
+  `perms_self` int(11) NOT NULL,
+  `perms_system_config` int(11) NOT NULL,
+  `perms_system_database` int(11) NOT NULL,
+  `perms_parts` bigint(11) NOT NULL,
+  `perms_parts_name` smallint(6) NOT NULL,
+  `perms_parts_description` smallint(6) NOT NULL,
+  `perms_parts_instock` smallint(6) NOT NULL,
+  `perms_parts_mininstock` smallint(6) NOT NULL,
+  `perms_parts_footprint` smallint(6) NOT NULL,
+  `perms_parts_storelocation` smallint(6) NOT NULL,
+  `perms_parts_manufacturer` smallint(6) NOT NULL,
+  `perms_parts_comment` smallint(6) NOT NULL,
+  `perms_parts_order` smallint(6) NOT NULL,
+  `perms_parts_orderdetails` smallint(6) NOT NULL,
+  `perms_parts_prices` smallint(6) NOT NULL,
+  `perms_parts_attachements` smallint(6) NOT NULL,
+  `perms_devices` int(11) NOT NULL,
+  `perms_devices_parts` int(11) NOT NULL,
+  `perms_storelocations` int(11) NOT NULL,
+  `perms_footprints` int(11) NOT NULL,
+  `perms_categories` int(11) NOT NULL,
+  `perms_suppliers` int(11) NOT NULL,
+  `perms_manufacturers` int(11) NOT NULL,
+  `perms_attachement_types` int(11) NOT NULL,
+  `perms_tools` int(11) NOT NULL,
+  `perms_labels` smallint(6) NOT NULL,
+  `datetime_added` timestamp NOT NULL DEFAULT current_timestamp(),
+  `last_modified` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00'
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3;
+
+--
+-- Daten für Tabelle `groups`
+--
+
+INSERT INTO `groups` (`id`, `name`, `parent_id`, `comment`, `perms_system`, `perms_groups`, `perms_users`, `perms_self`, `perms_system_config`, `perms_system_database`, `perms_parts`, `perms_parts_name`, `perms_parts_description`, `perms_parts_instock`, `perms_parts_mininstock`, `perms_parts_footprint`, `perms_parts_storelocation`, `perms_parts_manufacturer`, `perms_parts_comment`, `perms_parts_order`, `perms_parts_orderdetails`, `perms_parts_prices`, `perms_parts_attachements`, `perms_devices`, `perms_devices_parts`, `perms_storelocations`, `perms_footprints`, `perms_categories`, `perms_suppliers`, `perms_manufacturers`, `perms_attachement_types`, `perms_tools`, `perms_labels`, `datetime_added`, `last_modified`) VALUES
+(1, 'admins', NULL, 'Users of this group can do everything: Read, Write and Administrative actions.', 21, 1365, 87381, 85, 85, 21, 1431655765, 5, 5, 5, 5, 5, 5, 5, 5, 5, 325, 325, 325, 5461, 325, 5461, 5461, 5461, 5461, 5461, 1365, 1365, 85, '2017-10-21 17:58:46', '2018-10-08 17:27:41'),
+(2, 'readonly', NULL, 'Users of this group can only read informations, use tools, and don\'t have access to administrative tools.', 2, 2730, 43690, 25, 170, 42, 2778027689, 9, 9, 9, 9, 9, 9, 9, 9, 9, 649, 649, 649, 1705, 649, 1705, 1705, 1705, 1705, 1705, 681, 1366, 165, '2017-10-21 17:58:46', '2018-10-08 17:28:35'),
+(3, 'users', NULL, 'Users of this group, can edit part informations, create new ones, etc. but are not allowed to use administrative tools. (But can read current configuration, and see Server status)', 42, 2730, 43689, 89, 105, 41, 1431655765, 5, 5, 5, 5, 5, 5, 5, 5, 5, 325, 325, 325, 5461, 325, 5461, 5461, 5461, 5461, 5461, 1365, 1365, 85, '2017-10-21 17:58:46', '2018-10-08 17:28:17');
+
+-- --------------------------------------------------------
+
+--
+-- Tabellenstruktur für Tabelle `internal`
+--
+
+CREATE TABLE `internal` (
+  `keyName` char(30) CHARACTER SET ascii NOT NULL,
+  `keyValue` varchar(255) COLLATE utf8mb3_unicode_ci DEFAULT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci;
+
+--
+-- Daten für Tabelle `internal`
+--
+
+INSERT INTO `internal` (`keyName`, `keyValue`) VALUES
+('dbVersion', '26');
+
+-- --------------------------------------------------------
+
+--
+-- Tabellenstruktur für Tabelle `log`
+--
+
+CREATE TABLE `log` (
+  `id` int(11) NOT NULL,
+  `datetime` timestamp NOT NULL DEFAULT current_timestamp(),
+  `id_user` int(11) NOT NULL,
+  `level` tinyint(4) NOT NULL,
+  `type` smallint(6) NOT NULL,
+  `target_id` int(11) NOT NULL,
+  `target_type` smallint(6) NOT NULL,
+  `extra` mediumtext NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3;
+
+-- --------------------------------------------------------
+
+--
+-- Tabellenstruktur für Tabelle `manufacturers`
+--
+
+CREATE TABLE `manufacturers` (
+  `id` int(11) NOT NULL,
+  `name` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `parent_id` int(11) DEFAULT NULL,
+  `address` mediumtext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `phone_number` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `fax_number` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `email_address` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `website` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `auto_product_url` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `datetime_added` timestamp NOT NULL DEFAULT current_timestamp(),
+  `comment` text COLLATE utf8mb3_unicode_ci DEFAULT NULL,
+  `last_modified` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00'
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci;
+
+--
+-- Daten für Tabelle `manufacturers`
+--
+
+INSERT INTO `manufacturers` (`id`, `name`, `parent_id`, `address`, `phone_number`, `fax_number`, `email_address`, `website`, `auto_product_url`, `datetime_added`, `comment`, `last_modified`) VALUES
+(1, 'Atmel', NULL, '', '', '', '', '', '', '2015-03-01 11:27:10', NULL, '0000-00-00 00:00:00');
+
+-- --------------------------------------------------------
+
+--
+-- Tabellenstruktur für Tabelle `orderdetails`
+--
+
+CREATE TABLE `orderdetails` (
+  `id` int(11) NOT NULL,
+  `part_id` int(11) NOT NULL,
+  `id_supplier` int(11) NOT NULL DEFAULT 0,
+  `supplierpartnr` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `obsolete` tinyint(1) DEFAULT 0,
+  `supplier_product_url` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `datetime_added` timestamp NOT NULL DEFAULT current_timestamp()
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci;
+
+-- --------------------------------------------------------
+
+--
+-- Tabellenstruktur für Tabelle `parts`
+--
+
+CREATE TABLE `parts` (
+  `id` int(11) NOT NULL,
+  `id_category` int(11) NOT NULL DEFAULT 0,
+  `name` mediumtext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `description` mediumtext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `instock` int(11) NOT NULL DEFAULT 0,
+  `mininstock` int(11) NOT NULL DEFAULT 0,
+  `comment` mediumtext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `visible` tinyint(1) NOT NULL,
+  `id_footprint` int(11) DEFAULT NULL,
+  `id_storelocation` int(11) DEFAULT NULL,
+  `order_orderdetails_id` int(11) DEFAULT NULL,
+  `order_quantity` int(11) NOT NULL DEFAULT 1,
+  `manual_order` tinyint(1) NOT NULL DEFAULT 0,
+  `id_manufacturer` int(11) DEFAULT NULL,
+  `id_master_picture_attachement` int(11) DEFAULT NULL,
+  `manufacturer_product_url` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `datetime_added` timestamp NOT NULL DEFAULT current_timestamp(),
+  `last_modified` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00',
+  `favorite` tinyint(1) NOT NULL DEFAULT 0
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci;
+
+--
+-- Daten für Tabelle `parts`
+--
+
+INSERT INTO `parts` (`id`, `id_category`, `name`, `description`, `instock`, `mininstock`, `comment`, `visible`, `id_footprint`, `id_storelocation`, `order_orderdetails_id`, `order_quantity`, `manual_order`, `id_manufacturer`, `id_master_picture_attachement`, `manufacturer_product_url`, `datetime_added`, `last_modified`, `favorite`) VALUES
+(2, 1, 'BC547C', 'NPN 45V 0,1A 0,5W', 59, 0, '', 0, 1, 1, NULL, 1, 0, NULL, NULL, '', '2015-03-01 10:40:31', '2016-12-26 10:48:49', 0);
+
+-- --------------------------------------------------------
+
+--
+-- Tabellenstruktur für Tabelle `pricedetails`
+--
+
+CREATE TABLE `pricedetails` (
+  `id` int(11) NOT NULL,
+  `orderdetails_id` int(11) NOT NULL,
+  `price` decimal(11,5) DEFAULT NULL,
+  `price_related_quantity` int(11) NOT NULL DEFAULT 1,
+  `min_discount_quantity` int(11) NOT NULL DEFAULT 1,
+  `manual_input` tinyint(1) NOT NULL DEFAULT 1,
+  `last_modified` timestamp NOT NULL DEFAULT current_timestamp() ON UPDATE current_timestamp()
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci;
+
+-- --------------------------------------------------------
+
+--
+-- Tabellenstruktur für Tabelle `storelocations`
+--
+
+CREATE TABLE `storelocations` (
+  `id` int(11) NOT NULL,
+  `name` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `parent_id` int(11) DEFAULT NULL,
+  `is_full` tinyint(1) NOT NULL DEFAULT 0,
+  `datetime_added` timestamp NOT NULL DEFAULT current_timestamp(),
+  `comment` text COLLATE utf8mb3_unicode_ci DEFAULT NULL,
+  `last_modified` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00'
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci;
+
+--
+-- Daten für Tabelle `storelocations`
+--
+
+INSERT INTO `storelocations` (`id`, `name`, `parent_id`, `is_full`, `datetime_added`, `comment`, `last_modified`) VALUES
+(1, 'Halbleiter I', NULL, 0, '2015-03-01 11:26:37', NULL, '0000-00-00 00:00:00');
+
+-- --------------------------------------------------------
+
+--
+-- Tabellenstruktur für Tabelle `suppliers`
+--
+
+CREATE TABLE `suppliers` (
+  `id` int(11) NOT NULL,
+  `name` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `parent_id` int(11) DEFAULT NULL,
+  `address` mediumtext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `phone_number` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `fax_number` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `email_address` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `website` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `auto_product_url` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `datetime_added` timestamp NOT NULL DEFAULT current_timestamp(),
+  `comment` text COLLATE utf8mb3_unicode_ci DEFAULT NULL,
+  `last_modified` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00'
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci;
+
+--
+-- Daten für Tabelle `suppliers`
+--
+
+INSERT INTO `suppliers` (`id`, `name`, `parent_id`, `address`, `phone_number`, `fax_number`, `email_address`, `website`, `auto_product_url`, `datetime_added`, `comment`, `last_modified`) VALUES
+(1, 'Test', NULL, '', '', '', '', '', 'Test', '2015-03-01 10:37:23', NULL, '0000-00-00 00:00:00');
+
+-- --------------------------------------------------------
+
+--
+-- Tabellenstruktur für Tabelle `users`
+--
+
+CREATE TABLE `users` (
+  `id` int(11) NOT NULL,
+  `name` varchar(32) NOT NULL,
+  `password` varchar(255) DEFAULT NULL,
+  `first_name` tinytext DEFAULT NULL,
+  `last_name` tinytext DEFAULT NULL,
+  `department` tinytext DEFAULT NULL,
+  `email` tinytext DEFAULT NULL,
+  `need_pw_change` tinyint(1) NOT NULL DEFAULT 0,
+  `group_id` int(11) DEFAULT NULL,
+  `config_language` tinytext DEFAULT NULL,
+  `config_timezone` tinytext DEFAULT NULL,
+  `config_theme` tinytext DEFAULT NULL,
+  `config_currency` tinytext DEFAULT NULL,
+  `config_image_path` text NOT NULL,
+  `config_instock_comment_w` text NOT NULL,
+  `config_instock_comment_a` text NOT NULL,
+  `perms_system` int(11) NOT NULL,
+  `perms_groups` int(11) NOT NULL,
+  `perms_users` int(11) NOT NULL,
+  `perms_self` int(11) NOT NULL,
+  `perms_system_config` int(11) NOT NULL,
+  `perms_system_database` int(11) NOT NULL,
+  `perms_parts` bigint(11) NOT NULL,
+  `perms_parts_name` smallint(6) NOT NULL,
+  `perms_parts_description` smallint(6) NOT NULL,
+  `perms_parts_instock` smallint(6) NOT NULL,
+  `perms_parts_mininstock` smallint(6) NOT NULL,
+  `perms_parts_footprint` smallint(6) NOT NULL,
+  `perms_parts_storelocation` smallint(6) NOT NULL,
+  `perms_parts_manufacturer` smallint(6) NOT NULL,
+  `perms_parts_comment` smallint(6) NOT NULL,
+  `perms_parts_order` smallint(6) NOT NULL,
+  `perms_parts_orderdetails` smallint(6) NOT NULL,
+  `perms_parts_prices` smallint(6) NOT NULL,
+  `perms_parts_attachements` smallint(6) NOT NULL,
+  `perms_devices` int(11) NOT NULL,
+  `perms_devices_parts` int(11) NOT NULL,
+  `perms_storelocations` int(11) NOT NULL,
+  `perms_footprints` int(11) NOT NULL,
+  `perms_categories` int(11) NOT NULL,
+  `perms_suppliers` int(11) NOT NULL,
+  `perms_manufacturers` int(11) NOT NULL,
+  `perms_attachement_types` int(11) NOT NULL,
+  `perms_tools` int(11) NOT NULL,
+  `perms_labels` smallint(6) NOT NULL,
+  `datetime_added` timestamp NOT NULL DEFAULT current_timestamp(),
+  `last_modified` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00'
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3;
+
+--
+-- Daten für Tabelle `users`
+--
+
+INSERT INTO `users` (`id`, `name`, `password`, `first_name`, `last_name`, `department`, `email`, `need_pw_change`, `group_id`, `config_language`, `config_timezone`, `config_theme`, `config_currency`, `config_image_path`, `config_instock_comment_w`, `config_instock_comment_a`, `perms_system`, `perms_groups`, `perms_users`, `perms_self`, `perms_system_config`, `perms_system_database`, `perms_parts`, `perms_parts_name`, `perms_parts_description`, `perms_parts_instock`, `perms_parts_mininstock`, `perms_parts_footprint`, `perms_parts_storelocation`, `perms_parts_manufacturer`, `perms_parts_comment`, `perms_parts_order`, `perms_parts_orderdetails`, `perms_parts_prices`, `perms_parts_attachements`, `perms_devices`, `perms_devices_parts`, `perms_storelocations`, `perms_footprints`, `perms_categories`, `perms_suppliers`, `perms_manufacturers`, `perms_attachement_types`, `perms_tools`, `perms_labels`, `datetime_added`, `last_modified`) VALUES
+(1, 'anonymous', '', '', '', '', '', 0, 2, '', '', '', NULL, '', '', '', 21848, 20480, 0, 0, 0, 0, 0, 21840, 21840, 21840, 21840, 21840, 21840, 21840, 21840, 21840, 21520, 21520, 21520, 20480, 21520, 20480, 20480, 20480, 20480, 20480, 21504, 20480, 0, '2017-10-21 17:58:46', '2018-02-18 12:46:58'),
+(2, 'admin', '$2a$12$j0RKrKlx60bzX1DWMyXwjeaW.pe3bFjAK8ByIGnvjrRnET2JtsFoe', 'Admin', 'Ad', NULL, 'admin@ras.pi', 0, 1, '', '', '', NULL, '', '', '', 21845, 21845, 21845, 21, 85, 21, 349525, 21845, 21845, 21845, 21845, 21845, 21845, 21845, 21845, 21845, 21845, 21845, 21845, 21845, 21845, 21845, 21845, 21845, 21845, 21845, 21845, 21845, 0, '2017-10-21 17:58:46', '2017-12-23 11:04:48');
+
+--
+-- Indizes der exportierten Tabellen
+--
+
+--
+-- Indizes für die Tabelle `attachements`
+--
+ALTER TABLE `attachements`
+  ADD PRIMARY KEY (`id`),
+  ADD KEY `attachements_class_name_k` (`class_name`),
+  ADD KEY `attachements_element_id_k` (`element_id`),
+  ADD KEY `attachements_type_id_fk` (`type_id`);
+
+--
+-- Indizes für die Tabelle `attachement_types`
+--
+ALTER TABLE `attachement_types`
+  ADD PRIMARY KEY (`id`),
+  ADD KEY `attachement_types_parent_id_k` (`parent_id`);
+
+--
+-- Indizes für die Tabelle `categories`
+--
+ALTER TABLE `categories`
+  ADD PRIMARY KEY (`id`),
+  ADD KEY `categories_parent_id_k` (`parent_id`);
+
+--
+-- Indizes für die Tabelle `devices`
+--
+ALTER TABLE `devices`
+  ADD PRIMARY KEY (`id`),
+  ADD KEY `devices_parent_id_k` (`parent_id`);
+
+--
+-- Indizes für die Tabelle `device_parts`
+--
+ALTER TABLE `device_parts`
+  ADD PRIMARY KEY (`id`),
+  ADD UNIQUE KEY `device_parts_combination_uk` (`id_part`,`id_device`),
+  ADD KEY `device_parts_id_part_k` (`id_part`),
+  ADD KEY `device_parts_id_device_k` (`id_device`);
+
+--
+-- Indizes für die Tabelle `footprints`
+--
+ALTER TABLE `footprints`
+  ADD PRIMARY KEY (`id`),
+  ADD KEY `footprints_parent_id_k` (`parent_id`);
+
+--
+-- Indizes für die Tabelle `groups`
+--
+ALTER TABLE `groups`
+  ADD PRIMARY KEY (`id`),
+  ADD UNIQUE KEY `name` (`name`);
+
+--
+-- Indizes für die Tabelle `internal`
+--
+ALTER TABLE `internal`
+  ADD UNIQUE KEY `keyName` (`keyName`);
+
+--
+-- Indizes für die Tabelle `log`
+--
+ALTER TABLE `log`
+  ADD PRIMARY KEY (`id`),
+  ADD KEY `id_user` (`id_user`);
+
+--
+-- Indizes für die Tabelle `manufacturers`
+--
+ALTER TABLE `manufacturers`
+  ADD PRIMARY KEY (`id`),
+  ADD KEY `manufacturers_parent_id_k` (`parent_id`);
+
+--
+-- Indizes für die Tabelle `orderdetails`
+--
+ALTER TABLE `orderdetails`
+  ADD PRIMARY KEY (`id`),
+  ADD KEY `orderdetails_part_id_k` (`part_id`),
+  ADD KEY `orderdetails_id_supplier_k` (`id_supplier`);
+
+--
+-- Indizes für die Tabelle `parts`
+--
+ALTER TABLE `parts`
+  ADD PRIMARY KEY (`id`),
+  ADD KEY `parts_id_category_k` (`id_category`),
+  ADD KEY `parts_id_footprint_k` (`id_footprint`),
+  ADD KEY `parts_id_storelocation_k` (`id_storelocation`),
+  ADD KEY `parts_order_orderdetails_id_k` (`order_orderdetails_id`),
+  ADD KEY `parts_id_manufacturer_k` (`id_manufacturer`),
+  ADD KEY `favorite` (`favorite`);
+
+--
+-- Indizes für die Tabelle `pricedetails`
+--
+ALTER TABLE `pricedetails`
+  ADD PRIMARY KEY (`id`),
+  ADD UNIQUE KEY `pricedetails_combination_uk` (`orderdetails_id`,`min_discount_quantity`),
+  ADD KEY `pricedetails_orderdetails_id_k` (`orderdetails_id`);
+
+--
+-- Indizes für die Tabelle `storelocations`
+--
+ALTER TABLE `storelocations`
+  ADD PRIMARY KEY (`id`),
+  ADD KEY `storelocations_parent_id_k` (`parent_id`);
+
+--
+-- Indizes für die Tabelle `suppliers`
+--
+ALTER TABLE `suppliers`
+  ADD PRIMARY KEY (`id`),
+  ADD KEY `suppliers_parent_id_k` (`parent_id`);
+
+--
+-- Indizes für die Tabelle `users`
+--
+ALTER TABLE `users`
+  ADD PRIMARY KEY (`id`),
+  ADD UNIQUE KEY `name` (`name`);
+
+--
+-- AUTO_INCREMENT für exportierte Tabellen
+--
+
+--
+-- AUTO_INCREMENT für Tabelle `attachements`
+--
+ALTER TABLE `attachements`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=201;
+
+--
+-- AUTO_INCREMENT für Tabelle `attachement_types`
+--
+ALTER TABLE `attachement_types`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=3;
+
+--
+-- AUTO_INCREMENT für Tabelle `categories`
+--
+ALTER TABLE `categories`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=123;
+
+--
+-- AUTO_INCREMENT für Tabelle `devices`
+--
+ALTER TABLE `devices`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=2;
+
+--
+-- AUTO_INCREMENT für Tabelle `device_parts`
+--
+ALTER TABLE `device_parts`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=12;
+
+--
+-- AUTO_INCREMENT für Tabelle `footprints`
+--
+ALTER TABLE `footprints`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=82;
+
+--
+-- AUTO_INCREMENT für Tabelle `groups`
+--
+ALTER TABLE `groups`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=4;
+
+--
+-- AUTO_INCREMENT für Tabelle `log`
+--
+ALTER TABLE `log`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=218;
+
+--
+-- AUTO_INCREMENT für Tabelle `manufacturers`
+--
+ALTER TABLE `manufacturers`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=2;
+
+--
+-- AUTO_INCREMENT für Tabelle `orderdetails`
+--
+ALTER TABLE `orderdetails`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=650;
+
+--
+-- AUTO_INCREMENT für Tabelle `parts`
+--
+ALTER TABLE `parts`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=1171;
+
+--
+-- AUTO_INCREMENT für Tabelle `pricedetails`
+--
+ALTER TABLE `pricedetails`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=437;
+
+--
+-- AUTO_INCREMENT für Tabelle `storelocations`
+--
+ALTER TABLE `storelocations`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=340;
+
+--
+-- AUTO_INCREMENT für Tabelle `suppliers`
+--
+ALTER TABLE `suppliers`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=5;
+
+--
+-- AUTO_INCREMENT für Tabelle `users`
+--
+ALTER TABLE `users`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=6;
+
+--
+-- Constraints der exportierten Tabellen
+--
+
+--
+-- Constraints der Tabelle `attachements`
+--
+ALTER TABLE `attachements`
+  ADD CONSTRAINT `attachements_type_id_fk` FOREIGN KEY (`type_id`) REFERENCES `attachement_types` (`id`);
+
+--
+-- Constraints der Tabelle `attachement_types`
+--
+ALTER TABLE `attachement_types`
+  ADD CONSTRAINT `attachement_types_parent_id_fk` FOREIGN KEY (`parent_id`) REFERENCES `attachement_types` (`id`);
+
+--
+-- Constraints der Tabelle `categories`
+--
+ALTER TABLE `categories`
+  ADD CONSTRAINT `categories_parent_id_fk` FOREIGN KEY (`parent_id`) REFERENCES `categories` (`id`);
+
+--
+-- Constraints der Tabelle `devices`
+--
+ALTER TABLE `devices`
+  ADD CONSTRAINT `devices_parent_id_fk` FOREIGN KEY (`parent_id`) REFERENCES `devices` (`id`);
+
+--
+-- Constraints der Tabelle `footprints`
+--
+ALTER TABLE `footprints`
+  ADD CONSTRAINT `footprints_parent_id_fk` FOREIGN KEY (`parent_id`) REFERENCES `footprints` (`id`);
+
+--
+-- Constraints der Tabelle `manufacturers`
+--
+ALTER TABLE `manufacturers`
+  ADD CONSTRAINT `manufacturers_parent_id_fk` FOREIGN KEY (`parent_id`) REFERENCES `manufacturers` (`id`);
+
+--
+-- Constraints der Tabelle `parts`
+--
+ALTER TABLE `parts`
+  ADD CONSTRAINT `parts_id_footprint_fk` FOREIGN KEY (`id_footprint`) REFERENCES `footprints` (`id`),
+  ADD CONSTRAINT `parts_id_manufacturer_fk` FOREIGN KEY (`id_manufacturer`) REFERENCES `manufacturers` (`id`),
+  ADD CONSTRAINT `parts_id_storelocation_fk` FOREIGN KEY (`id_storelocation`) REFERENCES `storelocations` (`id`),
+  ADD CONSTRAINT `parts_order_orderdetails_id_fk` FOREIGN KEY (`order_orderdetails_id`) REFERENCES `orderdetails` (`id`);
+
+--
+-- Constraints der Tabelle `storelocations`
+--
+ALTER TABLE `storelocations`
+  ADD CONSTRAINT `storelocations_parent_id_fk` FOREIGN KEY (`parent_id`) REFERENCES `storelocations` (`id`);
+
+--
+-- Constraints der Tabelle `suppliers`
+--
+ALTER TABLE `suppliers`
+  ADD CONSTRAINT `suppliers_parent_id_fk` FOREIGN KEY (`parent_id`) REFERENCES `suppliers` (`id`);
+COMMIT;
+
+/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
+/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
+/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
--- a/.github/assets/legacy_import/db_minimal.sql
+++ b/.github/assets/legacy_import/db_minimal.sql
@@ -0,0 +1,736 @@
+-- phpMyAdmin SQL Dump
+-- version 5.1.3
+-- https://www.phpmyadmin.net/
+--
+-- Host: 127.0.0.1
+-- Erstellungszeit: 07. Mai 2023 um 01:48
+-- Server-Version: 10.6.5-MariaDB-log
+-- PHP-Version: 8.1.2
+
+SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
+START TRANSACTION;
+SET time_zone = "+00:00";
+
+
+/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
+/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
+/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
+/*!40101 SET NAMES utf8mb4 */;
+
+--
+-- Datenbank: `partdb-legacy`
+--
+
+-- --------------------------------------------------------
+
+--
+-- Tabellenstruktur für Tabelle `attachements`
+--
+
+CREATE TABLE `attachements` (
+  `id` int(11) NOT NULL,
+  `name` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `class_name` varchar(255) COLLATE utf8mb3_unicode_ci NOT NULL,
+  `element_id` int(11) NOT NULL,
+  `type_id` int(11) NOT NULL,
+  `filename` mediumtext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `show_in_table` tinyint(1) NOT NULL DEFAULT 0,
+  `last_modified` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00'
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci;
+
+-- --------------------------------------------------------
+
+--
+-- Tabellenstruktur für Tabelle `attachement_types`
+--
+
+CREATE TABLE `attachement_types` (
+  `id` int(11) NOT NULL,
+  `name` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `parent_id` int(11) DEFAULT NULL,
+  `comment` text COLLATE utf8mb3_unicode_ci DEFAULT NULL,
+  `datetime_added` timestamp NOT NULL DEFAULT current_timestamp(),
+  `last_modified` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00'
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci;
+
+--
+-- Daten für Tabelle `attachement_types`
+--
+
+INSERT INTO `attachement_types` (`id`, `name`, `parent_id`, `comment`, `datetime_added`, `last_modified`) VALUES
+(1, 'Bilder', NULL, NULL, '2023-01-07 18:31:48', '0000-00-00 00:00:00'),
+(2, 'Datenblätter', NULL, NULL, '2023-01-07 18:31:48', '0000-00-00 00:00:00');
+
+-- --------------------------------------------------------
+
+--
+-- Tabellenstruktur für Tabelle `categories`
+--
+
+CREATE TABLE `categories` (
+  `id` int(11) NOT NULL,
+  `name` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `parent_id` int(11) DEFAULT NULL,
+  `disable_footprints` tinyint(1) NOT NULL DEFAULT 0,
+  `disable_manufacturers` tinyint(1) NOT NULL DEFAULT 0,
+  `disable_autodatasheets` tinyint(1) NOT NULL DEFAULT 0,
+  `disable_properties` tinyint(1) NOT NULL DEFAULT 0,
+  `partname_regex` text COLLATE utf8mb3_unicode_ci NOT NULL DEFAULT '',
+  `partname_hint` text COLLATE utf8mb3_unicode_ci NOT NULL DEFAULT '',
+  `default_description` text COLLATE utf8mb3_unicode_ci NOT NULL DEFAULT '',
+  `default_comment` text COLLATE utf8mb3_unicode_ci NOT NULL DEFAULT '',
+  `comment` text COLLATE utf8mb3_unicode_ci DEFAULT NULL,
+  `datetime_added` timestamp NOT NULL DEFAULT current_timestamp(),
+  `last_modified` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00'
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci;
+
+--
+-- Daten für Tabelle `categories`
+--
+
+INSERT INTO `categories` (`id`, `name`, `parent_id`, `disable_footprints`, `disable_manufacturers`, `disable_autodatasheets`, `disable_properties`, `partname_regex`, `partname_hint`, `default_description`, `default_comment`, `comment`, `datetime_added`, `last_modified`) VALUES
+(1, 'Test', NULL, 0, 0, 0, 0, '', '', '', '', '', '2023-01-07 18:32:29', '2023-01-07 18:32:29');
+
+-- --------------------------------------------------------
+
+--
+-- Tabellenstruktur für Tabelle `devices`
+--
+
+CREATE TABLE `devices` (
+  `id` int(11) NOT NULL,
+  `name` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `parent_id` int(11) DEFAULT NULL,
+  `order_quantity` int(11) NOT NULL DEFAULT 0,
+  `order_only_missing_parts` tinyint(1) NOT NULL DEFAULT 0,
+  `datetime_added` timestamp NOT NULL DEFAULT current_timestamp(),
+  `last_modified` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00',
+  `comment` text COLLATE utf8mb3_unicode_ci DEFAULT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci;
+
+-- --------------------------------------------------------
+
+--
+-- Tabellenstruktur für Tabelle `device_parts`
+--
+
+CREATE TABLE `device_parts` (
+  `id` int(11) NOT NULL,
+  `id_part` int(11) NOT NULL DEFAULT 0,
+  `id_device` int(11) NOT NULL DEFAULT 0,
+  `quantity` int(11) NOT NULL DEFAULT 0,
+  `mountnames` mediumtext COLLATE utf8mb3_unicode_ci NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci;
+
+-- --------------------------------------------------------
+
+--
+-- Tabellenstruktur für Tabelle `footprints`
+--
+
+CREATE TABLE `footprints` (
+  `id` int(11) NOT NULL,
+  `name` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `filename` mediumtext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `filename_3d` mediumtext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `parent_id` int(11) DEFAULT NULL,
+  `comment` text COLLATE utf8mb3_unicode_ci DEFAULT NULL,
+  `datetime_added` timestamp NOT NULL DEFAULT current_timestamp(),
+  `last_modified` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00'
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci;
+
+-- --------------------------------------------------------
+
+--
+-- Tabellenstruktur für Tabelle `groups`
+--
+
+CREATE TABLE `groups` (
+  `id` int(11) NOT NULL,
+  `name` varchar(32) NOT NULL,
+  `parent_id` int(11) DEFAULT NULL,
+  `comment` mediumtext DEFAULT NULL,
+  `perms_system` int(11) NOT NULL,
+  `perms_groups` int(11) NOT NULL,
+  `perms_users` int(11) NOT NULL,
+  `perms_self` int(11) NOT NULL,
+  `perms_system_config` int(11) NOT NULL,
+  `perms_system_database` int(11) NOT NULL,
+  `perms_parts` bigint(11) NOT NULL,
+  `perms_parts_name` smallint(6) NOT NULL,
+  `perms_parts_description` smallint(6) NOT NULL,
+  `perms_parts_instock` smallint(6) NOT NULL,
+  `perms_parts_mininstock` smallint(6) NOT NULL,
+  `perms_parts_footprint` smallint(6) NOT NULL,
+  `perms_parts_storelocation` smallint(6) NOT NULL,
+  `perms_parts_manufacturer` smallint(6) NOT NULL,
+  `perms_parts_comment` smallint(6) NOT NULL,
+  `perms_parts_order` smallint(6) NOT NULL,
+  `perms_parts_orderdetails` smallint(6) NOT NULL,
+  `perms_parts_prices` smallint(6) NOT NULL,
+  `perms_parts_attachements` smallint(6) NOT NULL,
+  `perms_devices` int(11) NOT NULL,
+  `perms_devices_parts` int(11) NOT NULL,
+  `perms_storelocations` int(11) NOT NULL,
+  `perms_footprints` int(11) NOT NULL,
+  `perms_categories` int(11) NOT NULL,
+  `perms_suppliers` int(11) NOT NULL,
+  `perms_manufacturers` int(11) NOT NULL,
+  `perms_attachement_types` int(11) NOT NULL,
+  `perms_tools` int(11) NOT NULL,
+  `perms_labels` smallint(6) NOT NULL,
+  `datetime_added` timestamp NOT NULL DEFAULT current_timestamp(),
+  `last_modified` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00'
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+--
+-- Daten für Tabelle `groups`
+--
+
+INSERT INTO `groups` (`id`, `name`, `parent_id`, `comment`, `perms_system`, `perms_groups`, `perms_users`, `perms_self`, `perms_system_config`, `perms_system_database`, `perms_parts`, `perms_parts_name`, `perms_parts_description`, `perms_parts_instock`, `perms_parts_mininstock`, `perms_parts_footprint`, `perms_parts_storelocation`, `perms_parts_manufacturer`, `perms_parts_comment`, `perms_parts_order`, `perms_parts_orderdetails`, `perms_parts_prices`, `perms_parts_attachements`, `perms_devices`, `perms_devices_parts`, `perms_storelocations`, `perms_footprints`, `perms_categories`, `perms_suppliers`, `perms_manufacturers`, `perms_attachement_types`, `perms_tools`, `perms_labels`, `datetime_added`, `last_modified`) VALUES
+(1, 'admins', NULL, 'Users of this group can do everything: Read, Write and Administrative actions.', 21, 1365, 87381, 85, 85, 21, 1431655765, 5, 5, 5, 5, 5, 5, 5, 5, 5, 325, 325, 325, 5461, 325, 5461, 5461, 5461, 5461, 5461, 1365, 1365, 85, '2023-01-07 18:31:48', '0000-00-00 00:00:00'),
+(2, 'readonly', NULL, 'Users of this group can only read informations, use tools, and don\'t have access to administrative tools.', 42, 2730, 174762, 154, 170, 42, -1516939607, 9, 9, 9, 9, 9, 9, 9, 9, 9, 649, 649, 649, 1705, 649, 1705, 1705, 1705, 1705, 1705, 681, 1366, 165, '2023-01-07 18:31:48', '0000-00-00 00:00:00'),
+(3, 'users', NULL, 'Users of this group, can edit part informations, create new ones, etc. but are not allowed to use administrative tools. (But can read current configuration, and see Server status)', 42, 2730, 109226, 89, 105, 41, 1431655765, 5, 5, 5, 5, 5, 5, 5, 5, 5, 325, 325, 325, 5461, 325, 5461, 5461, 5461, 5461, 5461, 1365, 1365, 85, '2023-01-07 18:31:48', '0000-00-00 00:00:00');
+
+-- --------------------------------------------------------
+
+--
+-- Tabellenstruktur für Tabelle `internal`
+--
+
+CREATE TABLE `internal` (
+  `keyName` char(30) CHARACTER SET ascii NOT NULL,
+  `keyValue` varchar(255) COLLATE utf8mb3_unicode_ci DEFAULT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci;
+
+--
+-- Daten für Tabelle `internal`
+--
+
+INSERT INTO `internal` (`keyName`, `keyValue`) VALUES
+('dbVersion', '26');
+
+-- --------------------------------------------------------
+
+--
+-- Tabellenstruktur für Tabelle `log`
+--
+
+CREATE TABLE `log` (
+  `id` int(11) NOT NULL,
+  `datetime` timestamp NOT NULL DEFAULT current_timestamp(),
+  `id_user` int(11) NOT NULL,
+  `level` tinyint(4) NOT NULL,
+  `type` smallint(6) NOT NULL,
+  `target_id` int(11) NOT NULL,
+  `target_type` smallint(6) NOT NULL,
+  `extra` mediumtext NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+--
+-- Daten für Tabelle `log`
+--
+
+INSERT INTO `log` (`id`, `datetime`, `id_user`, `level`, `type`, `target_id`, `target_type`, `extra`) VALUES
+(1, '2023-01-07 18:31:48', 1, 4, 10, 0, 0, '{\"o\":0,\"n\":26,\"s\":true}'),
+(2, '2023-01-07 18:32:13', 2, 6, 1, 2, 1, '{\"i\":\"::\"}'),
+(3, '2023-01-07 18:32:29', 2, 6, 6, 1, 4, '[]'),
+(4, '2023-01-07 18:32:53', 2, 6, 6, 1, 12, '[]'),
+(5, '2023-01-07 18:33:26', 2, 6, 6, 1, 10, '{\"i\":0}');
+
+-- --------------------------------------------------------
+
+--
+-- Tabellenstruktur für Tabelle `manufacturers`
+--
+
+CREATE TABLE `manufacturers` (
+  `id` int(11) NOT NULL,
+  `name` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `parent_id` int(11) DEFAULT NULL,
+  `address` mediumtext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `phone_number` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `fax_number` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `email_address` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `website` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `auto_product_url` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `datetime_added` timestamp NOT NULL DEFAULT current_timestamp(),
+  `comment` text COLLATE utf8mb3_unicode_ci DEFAULT NULL,
+  `last_modified` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00'
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci;
+
+-- --------------------------------------------------------
+
+--
+-- Tabellenstruktur für Tabelle `orderdetails`
+--
+
+CREATE TABLE `orderdetails` (
+  `id` int(11) NOT NULL,
+  `part_id` int(11) NOT NULL,
+  `id_supplier` int(11) NOT NULL DEFAULT 0,
+  `supplierpartnr` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `obsolete` tinyint(1) DEFAULT 0,
+  `supplier_product_url` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `datetime_added` timestamp NOT NULL DEFAULT current_timestamp()
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci;
+
+--
+-- Daten für Tabelle `orderdetails`
+--
+
+INSERT INTO `orderdetails` (`id`, `part_id`, `id_supplier`, `supplierpartnr`, `obsolete`, `supplier_product_url`, `datetime_added`) VALUES
+(1, 1, 1, 'BC547', 0, '', '2023-01-07 18:45:59'),
+(2, 1, 1, 'Test', 0, '', '2023-01-07 18:46:09');
+
+-- --------------------------------------------------------
+
+--
+-- Tabellenstruktur für Tabelle `parts`
+--
+
+CREATE TABLE `parts` (
+  `id` int(11) NOT NULL,
+  `id_category` int(11) NOT NULL DEFAULT 0,
+  `name` mediumtext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `description` mediumtext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `instock` int(11) NOT NULL DEFAULT 0,
+  `mininstock` int(11) NOT NULL DEFAULT 0,
+  `comment` mediumtext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `visible` tinyint(1) NOT NULL,
+  `id_footprint` int(11) DEFAULT NULL,
+  `id_storelocation` int(11) DEFAULT NULL,
+  `order_orderdetails_id` int(11) DEFAULT NULL,
+  `order_quantity` int(11) NOT NULL DEFAULT 1,
+  `manual_order` tinyint(1) NOT NULL DEFAULT 0,
+  `id_manufacturer` int(11) DEFAULT NULL,
+  `id_master_picture_attachement` int(11) DEFAULT NULL,
+  `manufacturer_product_url` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `datetime_added` timestamp NOT NULL DEFAULT current_timestamp(),
+  `last_modified` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00',
+  `favorite` tinyint(1) NOT NULL DEFAULT 0
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci;
+
+--
+-- Daten für Tabelle `parts`
+--
+
+INSERT INTO `parts` (`id`, `id_category`, `name`, `description`, `instock`, `mininstock`, `comment`, `visible`, `id_footprint`, `id_storelocation`, `order_orderdetails_id`, `order_quantity`, `manual_order`, `id_manufacturer`, `id_master_picture_attachement`, `manufacturer_product_url`, `datetime_added`, `last_modified`, `favorite`) VALUES
+(1, 1, 'BC547', '', 0, 0, '', 0, NULL, NULL, NULL, 1, 0, NULL, NULL, '', '2023-01-07 18:33:26', '2023-01-07 18:33:26', 0);
+
+-- --------------------------------------------------------
+
+--
+-- Tabellenstruktur für Tabelle `pricedetails`
+--
+
+CREATE TABLE `pricedetails` (
+  `id` int(11) NOT NULL,
+  `orderdetails_id` int(11) NOT NULL,
+  `price` decimal(11,5) DEFAULT NULL,
+  `price_related_quantity` int(11) NOT NULL DEFAULT 1,
+  `min_discount_quantity` int(11) NOT NULL DEFAULT 1,
+  `manual_input` tinyint(1) NOT NULL DEFAULT 1,
+  `last_modified` timestamp NOT NULL DEFAULT current_timestamp() ON UPDATE current_timestamp()
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci;
+
+--
+-- Daten für Tabelle `pricedetails`
+--
+
+INSERT INTO `pricedetails` (`id`, `orderdetails_id`, `price`, `price_related_quantity`, `min_discount_quantity`, `manual_input`, `last_modified`) VALUES
+(1, 2, '3.55000', 1, 1, 1, '2023-01-07 18:46:19');
+
+-- --------------------------------------------------------
+
+--
+-- Tabellenstruktur für Tabelle `storelocations`
+--
+
+CREATE TABLE `storelocations` (
+  `id` int(11) NOT NULL,
+  `name` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `parent_id` int(11) DEFAULT NULL,
+  `is_full` tinyint(1) NOT NULL DEFAULT 0,
+  `datetime_added` timestamp NOT NULL DEFAULT current_timestamp(),
+  `comment` text COLLATE utf8mb3_unicode_ci DEFAULT NULL,
+  `last_modified` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00'
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci;
+
+-- --------------------------------------------------------
+
+--
+-- Tabellenstruktur für Tabelle `suppliers`
+--
+
+CREATE TABLE `suppliers` (
+  `id` int(11) NOT NULL,
+  `name` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `parent_id` int(11) DEFAULT NULL,
+  `address` mediumtext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `phone_number` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `fax_number` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `email_address` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `website` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `auto_product_url` tinytext COLLATE utf8mb3_unicode_ci NOT NULL,
+  `datetime_added` timestamp NOT NULL DEFAULT current_timestamp(),
+  `comment` text COLLATE utf8mb3_unicode_ci DEFAULT NULL,
+  `last_modified` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00'
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci;
+
+--
+-- Daten für Tabelle `suppliers`
+--
+
+INSERT INTO `suppliers` (`id`, `name`, `parent_id`, `address`, `phone_number`, `fax_number`, `email_address`, `website`, `auto_product_url`, `datetime_added`, `comment`, `last_modified`) VALUES
+(1, 'Reichelt', NULL, '', '', '', '', '', '', '2023-01-07 18:32:53', '', '2023-01-07 18:32:53');
+
+-- --------------------------------------------------------
+
+--
+-- Tabellenstruktur für Tabelle `users`
+--
+
+CREATE TABLE `users` (
+  `id` int(11) NOT NULL,
+  `name` varchar(32) NOT NULL,
+  `password` varchar(255) DEFAULT NULL,
+  `first_name` tinytext DEFAULT NULL,
+  `last_name` tinytext DEFAULT NULL,
+  `department` tinytext DEFAULT NULL,
+  `email` tinytext DEFAULT NULL,
+  `need_pw_change` tinyint(1) NOT NULL DEFAULT 0,
+  `group_id` int(11) DEFAULT NULL,
+  `config_language` tinytext DEFAULT NULL,
+  `config_timezone` tinytext DEFAULT NULL,
+  `config_theme` tinytext DEFAULT NULL,
+  `config_currency` tinytext DEFAULT NULL,
+  `config_image_path` text NOT NULL,
+  `config_instock_comment_w` text NOT NULL,
+  `config_instock_comment_a` text NOT NULL,
+  `perms_system` int(11) NOT NULL,
+  `perms_groups` int(11) NOT NULL,
+  `perms_users` int(11) NOT NULL,
+  `perms_self` int(11) NOT NULL,
+  `perms_system_config` int(11) NOT NULL,
+  `perms_system_database` int(11) NOT NULL,
+  `perms_parts` bigint(11) NOT NULL,
+  `perms_parts_name` smallint(6) NOT NULL,
+  `perms_parts_description` smallint(6) NOT NULL,
+  `perms_parts_instock` smallint(6) NOT NULL,
+  `perms_parts_mininstock` smallint(6) NOT NULL,
+  `perms_parts_footprint` smallint(6) NOT NULL,
+  `perms_parts_storelocation` smallint(6) NOT NULL,
+  `perms_parts_manufacturer` smallint(6) NOT NULL,
+  `perms_parts_comment` smallint(6) NOT NULL,
+  `perms_parts_order` smallint(6) NOT NULL,
+  `perms_parts_orderdetails` smallint(6) NOT NULL,
+  `perms_parts_prices` smallint(6) NOT NULL,
+  `perms_parts_attachements` smallint(6) NOT NULL,
+  `perms_devices` int(11) NOT NULL,
+  `perms_devices_parts` int(11) NOT NULL,
+  `perms_storelocations` int(11) NOT NULL,
+  `perms_footprints` int(11) NOT NULL,
+  `perms_categories` int(11) NOT NULL,
+  `perms_suppliers` int(11) NOT NULL,
+  `perms_manufacturers` int(11) NOT NULL,
+  `perms_attachement_types` int(11) NOT NULL,
+  `perms_tools` int(11) NOT NULL,
+  `perms_labels` smallint(6) NOT NULL,
+  `datetime_added` timestamp NOT NULL DEFAULT current_timestamp(),
+  `last_modified` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00'
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+--
+-- Daten für Tabelle `users`
+--
+
+INSERT INTO `users` (`id`, `name`, `password`, `first_name`, `last_name`, `department`, `email`, `need_pw_change`, `group_id`, `config_language`, `config_timezone`, `config_theme`, `config_currency`, `config_image_path`, `config_instock_comment_w`, `config_instock_comment_a`, `perms_system`, `perms_groups`, `perms_users`, `perms_self`, `perms_system_config`, `perms_system_database`, `perms_parts`, `perms_parts_name`, `perms_parts_description`, `perms_parts_instock`, `perms_parts_mininstock`, `perms_parts_footprint`, `perms_parts_storelocation`, `perms_parts_manufacturer`, `perms_parts_comment`, `perms_parts_order`, `perms_parts_orderdetails`, `perms_parts_prices`, `perms_parts_attachements`, `perms_devices`, `perms_devices_parts`, `perms_storelocations`, `perms_footprints`, `perms_categories`, `perms_suppliers`, `perms_manufacturers`, `perms_attachement_types`, `perms_tools`, `perms_labels`, `datetime_added`, `last_modified`) VALUES
+(1, 'anonymous', '', '', '', '', '', 0, 2, NULL, NULL, NULL, NULL, '', '', '', 21844, 20480, 0, 0, 0, 0, 0, 21840, 21840, 21840, 21840, 21840, 21840, 21840, 21840, 21840, 21520, 21520, 21520, 20480, 21520, 20480, 20480, 20480, 20480, 20480, 21504, 20480, 0, '2023-01-07 18:31:48', '0000-00-00 00:00:00'),
+(2, 'admin', '$2a$12$j0RKrKlx60bzX1DWMyXwjeaW.pe3bFjAK8ByIGnvjrRnET2JtsFoe$2a$12$j0RKrKlx60bzX1DWMyXwjeaW.pe3bFjAK8ByIGnvjrRnET2JtsFoe', '', '', '', '', 1, 1, NULL, NULL, NULL, NULL, '', '', '', 21845, 21845, 21845, 21, 85, 21, 349525, 21845, 21845, 21845, 21845, 21845, 21845, 21845, 21845, 21845, 21845, 21845, 21845, 21845, 21845, 21845, 21845, 21845, 21845, 21845, 21845, 21845, 0, '2023-01-07 18:31:48', '0000-00-00 00:00:00');
+
+--
+-- Indizes der exportierten Tabellen
+--
+
+--
+-- Indizes für die Tabelle `attachements`
+--
+ALTER TABLE `attachements`
+  ADD PRIMARY KEY (`id`),
+  ADD KEY `attachements_class_name_k` (`class_name`),
+  ADD KEY `attachements_element_id_k` (`element_id`),
+  ADD KEY `attachements_type_id_fk` (`type_id`);
+
+--
+-- Indizes für die Tabelle `attachement_types`
+--
+ALTER TABLE `attachement_types`
+  ADD PRIMARY KEY (`id`),
+  ADD KEY `attachement_types_parent_id_k` (`parent_id`);
+
+--
+-- Indizes für die Tabelle `categories`
+--
+ALTER TABLE `categories`
+  ADD PRIMARY KEY (`id`),
+  ADD KEY `categories_parent_id_k` (`parent_id`);
+
+--
+-- Indizes für die Tabelle `devices`
+--
+ALTER TABLE `devices`
+  ADD PRIMARY KEY (`id`),
+  ADD KEY `devices_parent_id_k` (`parent_id`);
+
+--
+-- Indizes für die Tabelle `device_parts`
+--
+ALTER TABLE `device_parts`
+  ADD PRIMARY KEY (`id`),
+  ADD UNIQUE KEY `device_parts_combination_uk` (`id_part`,`id_device`),
+  ADD KEY `device_parts_id_part_k` (`id_part`),
+  ADD KEY `device_parts_id_device_k` (`id_device`);
+
+--
+-- Indizes für die Tabelle `footprints`
+--
+ALTER TABLE `footprints`
+  ADD PRIMARY KEY (`id`),
+  ADD KEY `footprints_parent_id_k` (`parent_id`);
+
+--
+-- Indizes für die Tabelle `groups`
+--
+ALTER TABLE `groups`
+  ADD PRIMARY KEY (`id`),
+  ADD UNIQUE KEY `name` (`name`);
+
+--
+-- Indizes für die Tabelle `internal`
+--
+ALTER TABLE `internal`
+  ADD UNIQUE KEY `keyName` (`keyName`);
+
+--
+-- Indizes für die Tabelle `log`
+--
+ALTER TABLE `log`
+  ADD PRIMARY KEY (`id`),
+  ADD KEY `id_user` (`id_user`);
+
+--
+-- Indizes für die Tabelle `manufacturers`
+--
+ALTER TABLE `manufacturers`
+  ADD PRIMARY KEY (`id`),
+  ADD KEY `manufacturers_parent_id_k` (`parent_id`);
+
+--
+-- Indizes für die Tabelle `orderdetails`
+--
+ALTER TABLE `orderdetails`
+  ADD PRIMARY KEY (`id`),
+  ADD KEY `orderdetails_part_id_k` (`part_id`),
+  ADD KEY `orderdetails_id_supplier_k` (`id_supplier`);
+
+--
+-- Indizes für die Tabelle `parts`
+--
+ALTER TABLE `parts`
+  ADD PRIMARY KEY (`id`),
+  ADD KEY `parts_id_category_k` (`id_category`),
+  ADD KEY `parts_id_footprint_k` (`id_footprint`),
+  ADD KEY `parts_id_storelocation_k` (`id_storelocation`),
+  ADD KEY `parts_order_orderdetails_id_k` (`order_orderdetails_id`),
+  ADD KEY `parts_id_manufacturer_k` (`id_manufacturer`),
+  ADD KEY `favorite` (`favorite`);
+
+--
+-- Indizes für die Tabelle `pricedetails`
+--
+ALTER TABLE `pricedetails`
+  ADD PRIMARY KEY (`id`),
+  ADD UNIQUE KEY `pricedetails_combination_uk` (`orderdetails_id`,`min_discount_quantity`),
+  ADD KEY `pricedetails_orderdetails_id_k` (`orderdetails_id`);
+
+--
+-- Indizes für die Tabelle `storelocations`
+--
+ALTER TABLE `storelocations`
+  ADD PRIMARY KEY (`id`),
+  ADD KEY `storelocations_parent_id_k` (`parent_id`);
+
+--
+-- Indizes für die Tabelle `suppliers`
+--
+ALTER TABLE `suppliers`
+  ADD PRIMARY KEY (`id`),
+  ADD KEY `suppliers_parent_id_k` (`parent_id`);
+
+--
+-- Indizes für die Tabelle `users`
+--
+ALTER TABLE `users`
+  ADD PRIMARY KEY (`id`),
+  ADD UNIQUE KEY `name` (`name`);
+
+--
+-- AUTO_INCREMENT für exportierte Tabellen
+--
+
+--
+-- AUTO_INCREMENT für Tabelle `attachements`
+--
+ALTER TABLE `attachements`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT;
+
+--
+-- AUTO_INCREMENT für Tabelle `attachement_types`
+--
+ALTER TABLE `attachement_types`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=3;
+
+--
+-- AUTO_INCREMENT für Tabelle `categories`
+--
+ALTER TABLE `categories`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=2;
+
+--
+-- AUTO_INCREMENT für Tabelle `devices`
+--
+ALTER TABLE `devices`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT;
+
+--
+-- AUTO_INCREMENT für Tabelle `device_parts`
+--
+ALTER TABLE `device_parts`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT;
+
+--
+-- AUTO_INCREMENT für Tabelle `footprints`
+--
+ALTER TABLE `footprints`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT;
+
+--
+-- AUTO_INCREMENT für Tabelle `groups`
+--
+ALTER TABLE `groups`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=4;
+
+--
+-- AUTO_INCREMENT für Tabelle `log`
+--
+ALTER TABLE `log`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=6;
+
+--
+-- AUTO_INCREMENT für Tabelle `manufacturers`
+--
+ALTER TABLE `manufacturers`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT;
+
+--
+-- AUTO_INCREMENT für Tabelle `orderdetails`
+--
+ALTER TABLE `orderdetails`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=3;
+
+--
+-- AUTO_INCREMENT für Tabelle `parts`
+--
+ALTER TABLE `parts`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=2;
+
+--
+-- AUTO_INCREMENT für Tabelle `pricedetails`
+--
+ALTER TABLE `pricedetails`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=2;
+
+--
+-- AUTO_INCREMENT für Tabelle `storelocations`
+--
+ALTER TABLE `storelocations`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT;
+
+--
+-- AUTO_INCREMENT für Tabelle `suppliers`
+--
+ALTER TABLE `suppliers`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=2;
+
+--
+-- AUTO_INCREMENT für Tabelle `users`
+--
+ALTER TABLE `users`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=3;
+
+--
+-- Constraints der exportierten Tabellen
+--
+
+--
+-- Constraints der Tabelle `attachements`
+--
+ALTER TABLE `attachements`
+  ADD CONSTRAINT `attachements_type_id_fk` FOREIGN KEY (`type_id`) REFERENCES `attachement_types` (`id`);
+
+--
+-- Constraints der Tabelle `attachement_types`
+--
+ALTER TABLE `attachement_types`
+  ADD CONSTRAINT `attachement_types_parent_id_fk` FOREIGN KEY (`parent_id`) REFERENCES `attachement_types` (`id`);
+
+--
+-- Constraints der Tabelle `categories`
+--
+ALTER TABLE `categories`
+  ADD CONSTRAINT `categories_parent_id_fk` FOREIGN KEY (`parent_id`) REFERENCES `categories` (`id`);
+
+--
+-- Constraints der Tabelle `devices`
+--
+ALTER TABLE `devices`
+  ADD CONSTRAINT `devices_parent_id_fk` FOREIGN KEY (`parent_id`) REFERENCES `devices` (`id`);
+
+--
+-- Constraints der Tabelle `footprints`
+--
+ALTER TABLE `footprints`
+  ADD CONSTRAINT `footprints_parent_id_fk` FOREIGN KEY (`parent_id`) REFERENCES `footprints` (`id`);
+
+--
+-- Constraints der Tabelle `manufacturers`
+--
+ALTER TABLE `manufacturers`
+  ADD CONSTRAINT `manufacturers_parent_id_fk` FOREIGN KEY (`parent_id`) REFERENCES `manufacturers` (`id`);
+
+--
+-- Constraints der Tabelle `parts`
+--
+ALTER TABLE `parts`
+  ADD CONSTRAINT `parts_id_footprint_fk` FOREIGN KEY (`id_footprint`) REFERENCES `footprints` (`id`),
+  ADD CONSTRAINT `parts_id_manufacturer_fk` FOREIGN KEY (`id_manufacturer`) REFERENCES `manufacturers` (`id`),
+  ADD CONSTRAINT `parts_id_storelocation_fk` FOREIGN KEY (`id_storelocation`) REFERENCES `storelocations` (`id`),
+  ADD CONSTRAINT `parts_order_orderdetails_id_fk` FOREIGN KEY (`order_orderdetails_id`) REFERENCES `orderdetails` (`id`);
+
+--
+-- Constraints der Tabelle `storelocations`
+--
+ALTER TABLE `storelocations`
+  ADD CONSTRAINT `storelocations_parent_id_fk` FOREIGN KEY (`parent_id`) REFERENCES `storelocations` (`id`);
+
+--
+-- Constraints der Tabelle `suppliers`
+--
+ALTER TABLE `suppliers`
+  ADD CONSTRAINT `suppliers_parent_id_fk` FOREIGN KEY (`parent_id`) REFERENCES `suppliers` (`id`);
+COMMIT;
+
+/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
+/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
+/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
--- a/.github/assets/legacy_import/test_legacy_import.sh
+++ b/.github/assets/legacy_import/test_legacy_import.sh
@@ -0,0 +1,54 @@
+#
+# This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
+#
+#  Copyright (C) 2019 - 2023 Jan Böhmer (https://github.com/jbtronics)
+#
+#  This program is free software: you can redistribute it and/or modify
+#  it under the terms of the GNU Affero General Public License as published
+#  by the Free Software Foundation, either version 3 of the License, or
+#  (at your option) any later version.
+#
+#  This program is distributed in the hope that it will be useful,
+#  but WITHOUT ANY WARRANTY; without even the implied warranty of
+#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#  GNU Affero General Public License for more details.
+#
+#  You should have received a copy of the GNU Affero General Public License
+#  along with this program.  If not, see <https://www.gnu.org/licenses/>.
+#
+
+#!/bin/bash
+
+# This script is used to test the legacy import of Part-DB
+
+SQL_FILES_TO_TEST=("db_minimal.sql" "db_jbtronics.sql")
+
+DB_NAME="legacy_db_test"
+DB_USER="root"
+DB_PASSWORD="root"
+
+# Iterate over all given SQL files and import them into the mysql database with the given name, drop the database if it already exists before
+for SQL_FILE in "${SQL_FILES_TO_TEST[@]}"
+do
+    echo "Testing for $SQL_FILE"
+    mysql -u $DB_USER --password=$DB_PASSWORD -e "DROP DATABASE IF EXISTS $DB_NAME; CREATE DATABASE $DB_NAME;"
+    # If the last command failed, exit the script
+    if [ $? -ne 0 ]; then
+        echo "Failed to create database $DB_NAME"
+        exit 1
+    fi
+    # Import the SQL file into the database. The file pathes are relative to the current script location
+    mysql -u $DB_USER --password=$DB_PASSWORD $DB_NAME < .github/assets/legacy_import/$SQL_FILE
+    # If the last command failed, exit the script
+    if [ $? -ne 0 ]; then
+        echo "Failed to import $SQL_FILE into database $DB_NAME"
+        exit 1
+    fi
+    # Run doctrine migrations, this will migrate the database to the current version. This process should not fail
+    php bin/console doctrine:migrations:migrate -n
+    # If the last command failed, exit the script
+    if [ $? -ne 0 ]; then
+        echo "Failed to migrate database $DB_NAME"
+        exit 1
+    fi
+done
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -0,0 +1,11 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+  - package-ecosystem: "github-actions" # See documentation for possible values
+    directory: "/" # Location of package manifests
+    schedule:
+      interval: "weekly"
--- a/.github/workflows/assets_artifact_build.yml
+++ b/.github/workflows/assets_artifact_build.yml
@@ -19,7 +19,15 @@ jobs:
      APP_ENV: prod

    steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
+
+      - name: Setup PHP
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: '8.2'
+          coverage: none
+          ini-values: xdebug.max_nesting_level=1000
+          extensions: mbstring, intl, gd, xsl, gmp, bcmath

      - name: Get Composer Cache Directory
        id: composer-cache
@@ -49,7 +57,7 @@ jobs:
            ${{ runner.os }}-yarn-

      - name: Setup node
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
        with:
          node-version: '18'

--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -1,54 +0,0 @@
-name: "CodeQL"
-
-on:
-  push:
-    branches: [master, ]
-  pull_request:
-    # The branches below must be a subset of the branches above
-    branches: [master]
-  schedule:
-    - cron: '0 14 * * 3'
-
-jobs:
-  analyse:
-    name: Analyse
-    runs-on: ubuntu-latest
-
-    steps:
-    - name: Checkout repository
-      uses: actions/checkout@v2
-      with:
-        # We must fetch at least the immediate parents so that if this is
-        # a pull request then we can checkout the head.
-        fetch-depth: 2
-
-    # If this run was triggered by a pull request event, then checkout
-    # the head of the pull request instead of the merge commit.
-    - run: git checkout HEAD^2
-      if: ${{ github.event_name == 'pull_request' }}
-
-    # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v1
-      # Override language selection by uncommenting this and choosing your languages
-      # with:
-      #   languages: go, javascript, csharp, python, cpp, java
-
-    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
-    # If this step fails, then you should remove it and run the build manually (see below)
-    - name: Autobuild
-      uses: github/codeql-action/autobuild@v1
-
-    # ℹ️ Command-line programs to run using the OS shell.
-    # 📚 https://git.io/JvXDl
-
-    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
-    #    and modify them (or add more) to build your code if your project
-    #    uses a compiled language
-
-    #- run: |
-    #   make bootstrap
-    #   make release
-
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1
--- a/.github/workflows/docker_build.yml
+++ b/.github/workflows/docker_build.yml
@@ -10,9 +10,6 @@ on:
    tags:
      - 'v*.*.*'
      - 'v*.*.*-**'
-  pull_request:
-    branches:
-      - 'master'

 jobs:
  docker:
@@ -20,11 +17,11 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
      -
        name: Docker meta
        id: docker_meta
-        uses: docker/metadata-action@v4
+        uses: docker/metadata-action@v5
        with:
          # list of Docker images to use as base name for tags
          images: |
@@ -52,23 +49,23 @@ jobs:

      -
        name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
+        uses: docker/setup-qemu-action@v3
        with:
          platforms: 'arm64,arm'
      -
        name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
      -
        name: Login to DockerHub
        if: github.event_name != 'pull_request'
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      -
        name: Build and push
-        uses: docker/build-push-action@v4
+        uses: docker/build-push-action@v5
        with:
          context: .
          platforms: linux/amd64,linux/arm64,linux/arm/v7
--- a/.github/workflows/static_analysis.yml
+++ b/.github/workflows/static_analysis.yml
@@ -16,7 +16,15 @@ jobs:
    runs-on: ubuntu-22.04

    steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
+
+    - name: Setup PHP
+      uses: shivammathur/setup-php@v2
+      with:
+        php-version: '8.2'
+        coverage: none
+        ini-values: xdebug.max_nesting_level=1000
+        extensions: mbstring, intl, gd, xsl, gmp, bcmath

    - name: Get Composer Cache Directory
      id: composer-cache
@@ -38,18 +46,20 @@ jobs:
    
    - name: Lint twig templates
      run: ./bin/console lint:twig templates --env=prod
-    
-    - name: Lint translations 
-      run: ./bin/console lint:xliff translations
+
+    # This causes problems with emtpy language files
+    #- name: Lint translations
+    #  run: ./bin/console lint:xliff translations

    - name: Check dependencies for security
-      uses: symfonycorp/security-checker-action@v3
+      uses: symfonycorp/security-checker-action@v5
    
    - name: Check doctrine mapping
      run: ./bin/console doctrine:schema:validate --skip-sync -vvv --no-interaction
-    
+
+    # Use the -d option to raise the max nesting level
    - name: Generate dev container
-      run: ./bin/console cache:clear --env dev
+      run: php -d xdebug.max_nesting_level=1000 ./bin/console cache:clear --env dev
    
    - name: Run PHPstan
      run: composer phpstan
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -13,12 +13,11 @@ on:
 jobs:
  phpunit:
    name: PHPUnit and coverage Test (PHP ${{ matrix.php-versions }}, ${{ matrix.db-type }})
-    # Ubuntu 20.04 ships MySQL 8.0 which causes problems with login, so we just use ubuntu 18.04 for now...
    runs-on: ubuntu-22.04

    strategy:
      matrix:
-        php-versions: [ '7.4', '8.0', '8.1', '8.2' ]
+        php-versions: [ '8.1', '8.2', '8.3' ]
        db-type: [ 'mysql', 'sqlite' ]

    env:
@@ -38,13 +37,14 @@ jobs:
        if: matrix.db-type == 'sqlite'

      - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4

      - name: Setup PHP
        uses: shivammathur/setup-php@v2
        with:
          php-version: ${{ matrix.php-versions }}
          coverage: pcov
+          ini-values: xdebug.max_nesting_level=1000
          extensions: mbstring, intl, gd, xsl, gmp, bcmath        
    
      - name: Start MySQL
@@ -63,7 +63,7 @@ jobs:
        id: composer-cache
        run: |
          echo "::set-output name=dir::$(composer config cache-files-dir)"
-      - uses: actions/cache@v1
+      - uses: actions/cache@v3
        with:
          path: ${{ steps.composer-cache.outputs.dir }}
          key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
@@ -86,7 +86,7 @@ jobs:
        run: composer install --prefer-dist --no-progress
    
      - name: Setup node
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
        with:
          node-version: '18'
    
@@ -109,7 +109,7 @@ jobs:
        run: php bin/console --env test doctrine:migrations:migrate -n
    
      - name: Load fixtures
-        run: php bin/console --env test doctrine:fixtures:load -n --purger reset_autoincrement_purger
+        run: php bin/console --env test doctrine:fixtures:load -n
    
      - name: Run PHPunit and generate coverage
        run: ./bin/phpunit --coverage-clover=coverage.xml
@@ -118,6 +118,8 @@ jobs:
        uses: codecov/codecov-action@v3
        with:
          env_vars: PHP_VERSION,DB_TYPE
+          token: ${{ secrets.CODECOV_TOKEN }}
+          fail_ci_if_error: true
          
      - name: Test app:clean-attachments
        run: php bin/console partdb:attachments:clean-unused -n
@@ -130,4 +132,12 @@ jobs:

      - name: Test check-requirements command
        run: php bin/console partdb:check-requirements -n
+
+      - name: Test legacy Part-DB import
+        run: bash .github/assets/legacy_import/test_legacy_import.sh
+        if: matrix.db-type == 'mysql' && matrix.php-versions == '8.2'
+        env:
+          DATABASE_URL: mysql://root:root@localhost:3306/legacy_db
+
+
      
--- a/.gitignore
+++ b/.gitignore
@@ -43,3 +43,7 @@ yarn-error.log
 /phpunit.xml
 .phpunit.result.cache
 ###< phpunit/phpunit ###
+
+###> phpstan/phpstan ###
+phpstan.neon
+###< phpstan/phpstan ###
--- a/28
+++ b/28
@@ -9,7 +9,7 @@ RUN apt-get update && apt-get -y install apt-transport-https lsb-release ca-cert
    && curl -sSLo /usr/share/keyrings/deb.sury.org-php.gpg https://packages.sury.org/php/apt.gpg  \
    && sh -c 'echo "deb [signed-by=/usr/share/keyrings/deb.sury.org-php.gpg] https://packages.sury.org/php/ $(lsb_release -sc) main" > /etc/apt/sources.list.d/php.list' \
    && apt-get update && apt-get upgrade -y \
-    && apt-get install -y apache2 php8.1 libapache2-mod-php8.1 php8.1-opcache php8.1-curl php8.1-gd php8.1-mbstring php8.1-xml php8.1-bcmath php8.1-intl php8.1-zip php8.1-xsl php8.1-sqlite3 php8.1-mysql gpg \
+    && apt-get install -y apache2 php8.1 php8.1-fpm php8.1-opcache php8.1-curl php8.1-gd php8.1-mbstring php8.1-xml php8.1-bcmath php8.1-intl php8.1-zip php8.1-xsl php8.1-sqlite3 php8.1-mysql gpg \
    && apt-get -y autoremove && apt-get clean autoclean && rm -rf /var/lib/apt/lists/*;

 ENV APACHE_CONFDIR /etc/apache2
@@ -36,8 +36,22 @@ RUN  sed -ri 's/^export ([^=]+)=(.*)$/: ${\1:=\2}\nexport \1/' "$APACHE_ENVVARS"
    	ln -sfT /dev/stdout "$APACHE_LOG_DIR/other_vhosts_access.log"; \
        chown -R --no-dereference "$APACHE_RUN_USER:$APACHE_RUN_GROUP" "$APACHE_LOG_DIR";

-# Enable mpm_prefork
-RUN a2dismod mpm_event && a2enmod mpm_prefork
+# Enable php-fpm
+RUN a2enmod proxy_fcgi setenvif && a2enconf php8.1-fpm
+
+# Configure php-fpm to log to stdout of the container (stdout of PID 1)
+# We have to use /proc/1/fd/1 because /dev/stdout or /proc/self/fd/1 does not point to the container stdout (because we use apache as entrypoint)
+# We also disable the clear_env option to allow the use of environment variables in php-fpm
+RUN { \
+    echo '[global]'; \
+    echo 'error_log = /proc/1/fd/1'; \
+    echo; \
+    echo '[www]'; \
+    echo 'access.log = /proc/1/fd/1'; \
+    echo 'catch_workers_output = yes'; \
+    echo 'decorate_workers_output = no'; \
+    echo 'clear_env = no'; \
+   } | tee "/etc/php/8.1/fpm/pool.d/zz-docker.conf"

 # PHP files should be handled by PHP, and should be preferred over any other file type
 RUN { \
@@ -64,14 +78,16 @@ RUN  \
        # Configure Realpath cache for performance
        echo 'realpath_cache_size=4096K'; \
        echo 'realpath_cache_ttl=600'; \
-    } > /etc/php/8.1/apache2/conf.d/symfony-recommended.ini
+    } > /etc/php/8.1/fpm/conf.d/symfony-recommended.ini

-# Increase upload limit
+# Increase upload limit and enable preloading
 RUN  \
 	{ \
 		echo 'upload_max_filesize=256M'; \
 		echo 'post_max_size=300M'; \
-    } > /etc/php/8.1/apache2/conf.d/partdb.ini
+        echo 'opcache.preload_user=www-data'; \
+        echo 'opcache.preload=/var/www/html/config/preload.php'; \
+    } > /etc/php/8.1/fpm/conf.d/partdb.ini

 # Install node and yarn
 RUN curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
--- a/README.md
+++ b/README.md
@@ -1,56 +1,68 @@
 [![Scrutinizer Code Quality](https://scrutinizer-ci.com/g/Part-DB/Part-DB-symfony/badges/quality-score.png?b=master)](https://scrutinizer-ci.com/g/Part-DB/Part-DB-symfony/?branch=master)
 ![PHPUnit Tests](https://github.com/Part-DB/Part-DB-symfony/workflows/PHPUnit%20Tests/badge.svg)
 ![Static analysis](https://github.com/Part-DB/Part-DB-symfony/workflows/Static%20analysis/badge.svg)
-[![codecov](https://codecov.io/gh/Part-DB/Part-DB-symfony/branch/master/graph/badge.svg)](https://codecov.io/gh/Part-DB/Part-DB-server)
+[![codecov](https://codecov.io/gh/Part-DB/Part-DB-server/branch/master/graph/badge.svg)](https://codecov.io/gh/Part-DB/Part-DB-server)
 ![GitHub License](https://img.shields.io/github/license/Part-DB/Part-DB-symfony)
-![PHP Version](https://img.shields.io/badge/PHP-%3E%3D%207.4-green)
+![PHP Version](https://img.shields.io/badge/PHP-%3E%3D%208.1-green)

 ![Docker Pulls](https://img.shields.io/docker/pulls/jbtronics/part-db1)
 ![Docker Build Status](https://github.com/Part-DB/Part-DB-symfony/workflows/Docker%20Image%20Build/badge.svg)
 [![Crowdin](https://badges.crowdin.net/e/8325196085d4bee8c04b75f7c915452a/localized.svg)](https://part-db.crowdin.com/part-db)

-**[Documentation](https://docs.part-db.de/)** | **[Demo](https://part-db.herokuapp.com)** | **[Docker Image](https://hub.docker.com/r/jbtronics/part-db1)**
+**[Documentation](https://docs.part-db.de/)** | **[Demo](https://demo.part-db.de/)** | **[Docker Image](https://hub.docker.com/r/jbtronics/part-db1)**

 # Part-DB
-Part-DB is an Open-Source inventory managment system for your electronic components.
+
+Part-DB is an Open-Source inventory management system for your electronic components.
 It is installed on a web server and so can be accessed with any browser without the need to install additional software.

-The version in this Repository is a complete rewrite of the legacy [Part-DB](https://github.com/Part-DB/Part-DB) (Version < 1.0) based on a modern framework. 
-Currently, it is still missing some (minor) features from the old version (see [UPGRADE.md](https://docs.part-db.de/upgrade_legacy.html)) for more details, but also many huge improvements and advantages compared to the old version. 
-If you start completely new with Part-DB it is recommended that you use the version from this repository, as it is actively developed.
+The version in this repository is a complete rewrite of the legacy [Part-DB](https://github.com/Part-DB/Part-DB)
+(Version < 1.0) based on a modern framework and is the recommended version to use.

-If you find a bug, please open an [Issue on Github](https://github.com/Part-DB/Part-DB-server/issues) so it can be fixed for everybody.
+If you find a bug, please open an [Issue on GitHub,](https://github.com/Part-DB/Part-DB-server/issues) so it can be fixed
+for everybody.

 ## Demo
-If you want to test Part-DB without installing it, you can use [this](https://part-db.herokuapp.com) Heroku instance. 
-(Or this link for the [German Version](https://part-db.herokuapp.com/de/)). 
+
+If you want to test Part-DB without installing it, you can use [this](https://demo.part-db.de/) Heroku instance.
+(Or this link for the [German Version](https://demo.part-db.de/de/)).

 You can log in with username: *user* and password: *user*.

 Every change to the master branch gets automatically deployed, so it represents the current development progress and is
-maybe not completely stable. Please mind, that the free Heroku instance is used, so it can take some time when loading the page
+maybe not completely stable. Please mind, that the free Heroku instance is used, so it can take some time when loading
+the page
 for the first time.

 <img src="https://github.com/Part-DB/Part-DB-server/raw/master/docs/assets/readme/part_info.png">
 <img src="https://github.com/Part-DB/Part-DB-server/raw/master/docs/assets/readme/parts_list.png">

 ## Features
-* Inventory management of your electronic parts. Each part can be assigned to a category, footprint, manufacturer 
-and multiple store locations and price information. Parts can be grouped using tags. You can associate various files like datasheets or pictures with the parts.
+
+* Inventory management of your electronic parts. Each part can be assigned to a category, footprint, manufacturer
+  and multiple store locations and price information. Parts can be grouped using tags. You can associate various files
+  like datasheets or pictures with the parts.
 * Multi-Language support (currently German, English, Russian, Japanese and French (experimental))
 * Barcodes/Labels generator for parts and storage locations, scan barcodes via webcam using the builtin barcode scanner
-* User system with groups and detailed (fine granular) permissions. 
-Two-factor authentication is supported (Google Authenticator and Webauthn/U2F keys) and can be enforced for groups. Password reset via email can be setuped.
-* Import/Export system (partial working)
-* Project management: Create projects and assign parts to the bill of material (BOM), to show how often you could build this project and directly withdraw all components needed from DB
-* Event log: Track what changes happens to your inventory, track which user does what. Revert your parts to older versions.
+* User system with groups and detailed (fine granular) permissions.
+  Two-factor authentication is supported (Google Authenticator and Webauthn/U2F keys) and can be enforced for groups.
+  Password reset via email can be setup.
+* Optional support for single sign-on (SSO) via SAML (using an intermediate service
+  like [Keycloak](https://www.keycloak.org/) you can connect Part-DB to an existing LDAP or Active Directory server)
+* Import/Export system for parts and datastructure. BOM import for projects from KiCAD is supported.
+* Project management: Create projects and assign parts to the bill of material (BOM), to show how often you could build
+  this project and directly withdraw all components needed from DB
+* Event log: Track what changes happens to your inventory, track which user does what. Revert your parts to older
+  versions.
 * Responsive design: You can use Part-DB on your PC, your tablet and your smartphone using the same interface.
 * MySQL and SQLite supported as database backends
 * Support for rich text descriptions and comments in parts
 * Support for multiple currencies and automatic update of exchange rates supported
 * Powerful search and filter function, including parametric search (search for parts according to some specifications)
 * Automatic thumbnail generation for pictures
-
+* Use cloud providers (like Octopart, Digikey, farnell or TME) to automatically get part information, datasheets and
+  prices for parts
+* API to access Part-DB from other applications/scripts

 With these features Part-DB is useful to hobbyists, who want to keep track of their private electronic parts inventory,
 or makerspaces, where many users have should have (controlled) access to the shared inventory.
@@ -58,69 +70,93 @@ or makerspaces, where many users have should have (controlled) access to the sha
 Part-DB is also used by small companies and universities for managing their inventory.

 ## Requirements
- * A **web server** (like Apache2 or nginx) that is capable of running [Symfony 5](https://symfony.com/doc/current/reference/requirements.html),
- this includes a minimum PHP version of **PHP 7.4**
- * A **MySQL** (at least 5.7) /**MariaDB** (at least 10.2.2) database server if you do not want to use SQLite.
- * Shell access to your server is highly suggested!
- * For building the client side assets **yarn** and **nodejs** is needed.
- 
+
+* A **web server** (like Apache2 or nginx) that is capable of
+  running [Symfony 5](https://symfony.com/doc/current/reference/requirements.html),
+  this includes a minimum PHP version of **PHP 8.1**
+* A **MySQL** (at least 5.7) /**MariaDB** (at least 10.2.2) database server if you do not want to use SQLite.
+* Shell access to your server is highly suggested!
+* For building the client side assets **yarn** and **nodejs** (>= 18.0) is needed.
+
 ## Installation
-If you want to upgrade your legacy (< 1.0.0) version of Part-DB to this version, please read [this](https://docs.part-db.de/upgrade_legacy.html) first.

-*Hint:* A docker image is available under [jbtronics/part-db1](https://hub.docker.com/r/jbtronics/part-db1). How to set up Part-DB via docker is described [here](https://docs.part-db.de/installation/installation_docker.html).
+If you want to upgrade your legacy (< 1.0.0) version of Part-DB to this version, please
+read [this](https://docs.part-db.de/upgrade_legacy.html) first.

-**Below you find some very rough outline of the installation process, see [here](https://docs.part-db.de/installation/) for a detailed guide how to install Part-DB.**
+*Hint:* A docker image is available under [jbtronics/part-db1](https://hub.docker.com/r/jbtronics/part-db1). How to set
+up Part-DB via docker is described [here](https://docs.part-db.de/installation/installation_docker.html).
+
+**Below you find some very rough outline of the installation process, see [here](https://docs.part-db.de/installation/)
+for a detailed guide how to install Part-DB.**

 1. Copy or clone this repository into a folder on your server.
-2. Configure your webserver to serve from the `public/` folder. See [here](https://symfony.com/doc/current/setup/web_server_configuration.html)
-for additional information.
+2. Configure your webserver to serve from the `public/` folder.
+   See [here](https://symfony.com/doc/current/setup/web_server_configuration.html)
+   for additional information.
 3. Copy the global config file `cp .env .env.local` and edit `.env.local`:
    * Change the line `APP_ENV=dev` to `APP_ENV=prod`
-    * If you do not want to use SQLite, change the value of `DATABASE_URL=` to your needs (see [here](http://docs.doctrine-project.org/projects/doctrine-dbal/en/latest/reference/configuration.html#connecting-using-a-url)) for the format.
-      In bigger instances with concurrent accesses, MySQL is more performant. This can not be changed easily later, so choose wisely.
+    * If you do not want to use SQLite, change the value of `DATABASE_URL=` to your needs (
+      see [here](http://docs.doctrine-project.org/projects/doctrine-dbal/en/latest/reference/configuration.html#connecting-using-a-url))
+      for the format.
+      In bigger instances with concurrent accesses, MySQL is more performant. This can not be changed easily later, so
+      choose wisely.
 4. Install composer dependencies and generate autoload files: `composer install -o --no-dev`
-5. If you have put Part-DB into a sub-directory on your server (like `part-db/`), you have to edit the file 
-`webpack.config.js` and uncomment the lines (remove the `//` before the lines) `.setPublicPath('/part-db/build')` (line 43) and
- `.setManifestKeyPrefix('build/')` (line 44). You have to replace `/part-db` with your own path on line 44.
-6. Install client side dependencies and build it: `yarn install` and `yarn build`
-7. _Optional_ (speeds up first load): Warmup cache: `php bin/console cache:warmup`
-8. Upgrade database to new scheme (or create it, when it was empty): `php bin/console doctrine:migrations:migrate` and follow the instructions given. During the process the password for the admin is user is shown. Copy it. **Caution**: This steps tamper with your database and could potentially destroy it. So make sure to make a backup of your database.
-9. You can configure Part-DB via `config/parameters.yaml`. You should check if settings match your expectations, after you installed/upgraded Part-DB. Check if `partdb.default_currency` matches your mainly used currency (this can not be changed after creating price informations). 
+5. Install client side dependencies and build it: `yarn install` and `yarn build`
+6. _Optional_ (speeds up first load): Warmup cache: `php bin/console cache:warmup`
+7. Upgrade database to new scheme (or create it, when it was empty): `php bin/console doctrine:migrations:migrate` and
+   follow the instructions given. During the process the password for the admin is user is shown. Copy it. **Caution**:
+   This steps tamper with your database and could potentially destroy it. So make sure to make a backup of your
+   database.
+8. You can configure Part-DB via `config/parameters.yaml`. You should check if settings match your expectations, after
+   you installed/upgraded Part-DB. Check if `partdb.default_currency` matches your mainly used currency (this can not be
+   changed after creating price information).
   Run `php bin/console cache:clear` when you changed something.
-10. Access Part-DB in your browser (under the URL you put it) and login with user *admin*. Password is the one outputted during DB setup.
-   If you can not remember the password, set a new one with `php bin/console app:set-password admin`. You can create new users with the admin user and start using Part-DB.
+9. Access Part-DB in your browser (under the URL you put it) and login with user *admin*. Password is the one outputted
+   during DB setup.
+   If you can not remember the password, set a new one with `php bin/console app:set-password admin`. You can create
+   new users with the admin user and start using Part-DB.

 When you want to upgrade to a newer version, then just copy the new files into the folder
 and repeat the steps 4. to 7.

-Normally a random password is generated when the admin user is created during inital database creation,
-however you can set the inital admin password, by setting the `INITIAL_ADMIN_PW` env var.
+Normally a random password is generated when the admin user is created during initial database creation,
+however you can set the initial admin password, by setting the `INITIAL_ADMIN_PW` env var.

-You can configure Part-DB to your needs by changing environment variables in the `.env.local` file. 
+You can configure Part-DB to your needs by changing environment variables in the `.env.local` file.
 See [here](https://docs.part-db.de/configuration.html) for more information.

 ### Reverse proxy
-If you are using a reverse proxy, you have to ensure that the proxies sets the `X-Forwarded-*` headers correctly, or you will get HTTP/HTTPS mixup and wrong hostnames.
-If the reverse proxy is on a different server (or it cannot access Part-DB via localhost) you have to set the `TRUSTED_PROXIES` env variable to match your reverse proxies IP-address (or IP block). You can do this in your `.env.local` or (when using docker) in your `docker-compose.yml` file.
+
+If you are using a reverse proxy, you have to ensure that the proxies sets the `X-Forwarded-*` headers correctly, or you
+will get HTTP/HTTPS mixup and wrong hostnames.
+If the reverse proxy is on a different server (or it cannot access Part-DB via localhost) you have to set
+the `TRUSTED_PROXIES` env variable to match your reverse proxies IP-address (or IP block). You can do this in
+your `.env.local` or (when using docker) in your `docker-compose.yml` file.

 ## Donate for development
+
 If you want to donate to the Part-DB developer, see the sponsor button in the top bar (next to the repo name).
 There you will find various methods to support development on a monthly or a one time base.

 ## Built with
+
 * [Symfony 5](https://symfony.com/): The main framework used for the serverside PHP
 * [Bootstrap 5](https://getbootstrap.com/) and [Bootswatch](https://bootswatch.com/): Used as website theme
 * [Fontawesome](https://fontawesome.com/): Used as icon set
-* [Hotwire Stimulus](https://stimulus.hotwired.dev/) and [Hotwire Turbo](https://turbo.hotwired.dev/): Frontend Javascript
+* [Hotwire Stimulus](https://stimulus.hotwired.dev/) and [Hotwire Turbo](https://turbo.hotwired.dev/): Frontend
+  Javascript

 ## Authors
-* **Jan Böhmer** - *Inital work* - [Github](https://github.com/jbtronics/)

-See also the list of [contributors](https://github.com/Part-DB/Part-DB-server/graphs/contributors) who participated in this project.
+* **Jan Böhmer** - *Initial work* - [GitHub](https://github.com/jbtronics/)
+
+See also the list of [contributors](https://github.com/Part-DB/Part-DB-server/graphs/contributors) who participated in
+this project.

 Based on the original Part-DB by Christoph Lechner and K. Jacobs

 ## License
+
 Part-DB is licensed under the GNU Affero General Public License v3.0 (or at your opinion any later).
 This mostly means that you can use Part-DB for whatever you want (even use it commercially)
 as long as you publish the source code for every change you make under the AGPL, too.
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -9,4 +9,4 @@ fixed before the next release. However, if you find a security vulnerability in

 ## Reporting a Vulnerability

-If you find a security vulnerability, contact the maintainer directly (Email: security@part-db.de).
+If you find a security vulnerability, report a vulnerability in the [security section of GitHub](https://github.com/Part-DB/Part-DB-server/security/advisories) or contact the maintainer directly (Email: security@part-db.de)
--- a/2
+++ b/2
@@ -1 +1 @@
-1.0.2
+1.9.0
--- a/assets/bootstrap.js
+++ b/assets/bootstrap.js
@@ -4,8 +4,7 @@ import { startStimulusApp } from '@symfony/stimulus-bridge';
 export const app = startStimulusApp(require.context(
    '@symfony/stimulus-bridge/lazy-controller-loader!./controllers',
    true,
-    /\.(j|t)sx?$/
+    /\.[jt]sx?$/
 ));
-
 // register any custom, 3rd party controllers here
 // app.register('some_controller_name', SomeImportedController);
--- a/assets/ckeditor/html_label.js
+++ b/assets/ckeditor/html_label.js
@@ -181,7 +181,8 @@ Editor.defaultConfig = {
            'DejaVu Serif, serif',
            'Helvetica, Arial, sans-serif',
            'Times New Roman, Times, serif',
-            'Courier New, Courier, monospace'
+            'Courier New, Courier, monospace',
+            'Unifont, monospace',
        ],
        supportAllValues: true
    },
--- a/assets/ckeditor/plugins/PartDBLabel/PartDBLabelUI.js
+++ b/assets/ckeditor/plugins/PartDBLabel/PartDBLabelUI.js
@@ -76,6 +76,7 @@ const PLACEHOLDERS = [
            ['[[FOOTPRINT_FULL]]', 'Footprint (Full path)'],
            ['[[MASS]]', 'Mass'],
            ['[[MPN]]', 'Manufacturer Product Number (MPN)'],
+            ['[[IPN]]', 'Internal Part Number (IPN)'],
            ['[[TAGS]]', 'Tags'],
            ['[[M_STATUS]]', 'Manufacturing status'],
            ['[[DESCRIPTION]]', 'Description'],
@@ -84,6 +85,9 @@ const PLACEHOLDERS = [
            ['[[COMMENT_T]]', 'Comment (plain text)'],
            ['[[LAST_MODIFIED]]', 'Last modified datetime'],
            ['[[CREATION_DATE]]', 'Creation datetime'],
+            ['[[IPN_BARCODE_QR]]', 'IPN as QR code'],
+            ['[[IPN_BARCODE_C128]]', 'IPN as Code 128 barcode'],
+            ['[[IPN_BARCODE_C39]]', 'IPN as Code 39 barcode'],
        ]
    },
    {
@@ -96,6 +100,8 @@ const PLACEHOLDERS = [
            ['[[AMOUNT]]', 'Lot amount'],
            ['[[LOCATION]]', 'Storage location'],
            ['[[LOCATION_FULL]]', 'Storage location (Full path)'],
+            ['[[OWNER]]', 'Full name of the lot owner'],
+            ['[[OWNER_USERNAME]]', 'Username of the lot owner'],
        ]
    },
    {
@@ -110,6 +116,8 @@ const PLACEHOLDERS = [
            ['[[COMMENT_T]]', 'Comment (plain text)'],
            ['[[LAST_MODIFIED]]', 'Last modified datetime'],
            ['[[CREATION_DATE]]', 'Creation datetime'],
+            ['[[OWNER]]', 'Full name of the location owner'],
+            ['[[OWNER_USERNAME]]', 'Username of the location owner'],
        ]
    },
    {
--- a/assets/ckeditor/plugins/PartDBLabel/lang/de.js
+++ b/assets/ckeditor/plugins/PartDBLabel/lang/de.js
@@ -39,6 +39,7 @@ Object.assign( window.CKEDITOR_TRANSLATIONS[ 'de' ].dictionary, {
    'Footprint (Full path)': 'Footprint (Vollständiger Pfad)',
    'Mass': 'Gewicht',
    'Manufacturer Product Number (MPN)': 'Hersteller Produktnummer (MPN)',
+    'Internal Part Number (IPN)': 'Internal Part Number (IPN)',
    'Tags': 'Tags',
    'Manufacturing status': 'Herstellungsstatus',
    'Description': 'Beschreibung',
@@ -47,6 +48,9 @@ Object.assign( window.CKEDITOR_TRANSLATIONS[ 'de' ].dictionary, {
    'Comment (plain text)': 'Kommentar (Nur-Text)',
    'Last modified datetime': 'Zuletzt geändert',
    'Creation datetime': 'Erstellt',
+    'IPN as QR code': 'IPN als QR Code',
+    'IPN as Code 128 barcode': 'IPN als Code 128 Barcode',
+    'IPN as Code 39 barcode': 'IPN als Code 39 Barcode',

    'Lot ID': 'Lot ID',
    'Lot name': 'Lot Name',
@@ -55,6 +59,8 @@ Object.assign( window.CKEDITOR_TRANSLATIONS[ 'de' ].dictionary, {
    'Lot amount': 'Lot Menge',
    'Storage location': 'Lagerort',
    'Storage location (Full path)': 'Lagerort (Vollständiger Pfad)',
+    'Full name of the lot owner': 'Name des Besitzers des Lots',
+    'Username of the lot owner': 'Benutzername des Besitzers des Lots',


    'Barcodes': 'Barcodes',
@@ -69,6 +75,8 @@ Object.assign( window.CKEDITOR_TRANSLATIONS[ 'de' ].dictionary, {
    'Full path': 'Vollständiger Pfad',
    'Parent name': 'Name des Übergeordneten Elements',
    'Parent full path': 'Ganzer Pfad des Übergeordneten Elements',
+    'Full name of the location owner': 'Name des Besitzers des Lagerorts',
+    'Username of the location owner': 'Benutzername des Besitzers des Lagerorts',

    'Username': 'Benutzername',
    'Username (including name)': 'Benutzername (inklusive Name)',
--- a/assets/ckeditor/plugins/special_characters_emoji.js
+++ b/assets/ckeditor/plugins/special_characters_emoji.js
@@ -30,9 +30,73 @@ export default class SpecialCharactersEmoji extends Plugin {
        const editor = this.editor;
        const specialCharsPlugin = editor.plugins.get('SpecialCharacters');

+        //Add greek characters to special characters
+        specialCharsPlugin.addItems('Greek', this.getGreek());
+
+        //Add Emojis to special characters
        specialCharsPlugin.addItems('Emoji', this.getEmojis());
    }

+    getGreek() {
+        return [
+            { title: 'Alpha', character: 'Α' },
+            { title: 'Beta', character: 'Β' },
+            { title: 'Gamma', character: 'Γ' },
+            { title: 'Delta', character: 'Δ' },
+            { title: 'Epsilon', character: 'Ε' },
+            { title: 'Zeta', character: 'Ζ' },
+            { title: 'Eta', character: 'Η' },
+            { title: 'Theta', character: 'Θ' },
+            { title: 'Iota', character: 'Ι' },
+            { title: 'Kappa', character: 'Κ' },
+            { title: 'Lambda', character: 'Λ' },
+            { title: 'Mu', character: 'Μ' },
+            { title: 'Nu', character: 'Ν' },
+            { title: 'Xi', character: 'Ξ' },
+            { title: 'Omicron', character: 'Ο' },
+            { title: 'Pi', character: 'Π' },
+            { title: 'Rho', character: 'Ρ' },
+            { title: 'Sigma', character: 'Σ' },
+            { title: 'Tau', character: 'Τ' },
+            { title: 'Upsilon', character: 'Υ' },
+            { title: 'Phi', character: 'Φ' },
+            { title: 'Chi', character: 'Χ' },
+            { title: 'Psi', character: 'Ψ' },
+            { title: 'Omega', character: 'Ω' },
+            { title: 'alpha', character: 'α' },
+            { title: 'beta', character: 'β' },
+            { title: 'gamma', character: 'γ' },
+            { title: 'delta', character: 'δ' },
+            { title: 'epsilon', character: 'ε' },
+            { title: 'zeta', character: 'ζ' },
+            { title: 'eta', character: 'η' },
+            { title: 'theta', character: 'θ' },
+            { title: 'alternate theta', character: 'ϑ' },
+            { title: 'iota', character: 'ι' },
+            { title: 'kappa', character: 'κ' },
+            { title: 'lambda', character: 'λ' },
+            { title: 'mu', character: 'μ' },
+            { title: 'nu', character: 'ν' },
+            { title: 'xi', character: 'ξ' },
+            { title: 'omicron', character: 'ο' },
+            { title: 'pi', character: 'π' },
+            { title: 'rho', character: 'ρ' },
+            { title: 'sigma', character: 'σ' },
+            { title: 'tau', character: 'τ' },
+            { title: 'upsilon', character: 'υ' },
+            { title: 'phi', character: 'φ' },
+            { title: 'chi', character: 'χ' },
+            { title: 'psi', character: 'ψ' },
+            { title: 'omega', character: 'ω' },
+            { title: 'digamma', character: 'Ϝ' },
+            { title: 'stigma', character: 'Ϛ' },
+            { title: 'heta', character: 'Ͱ' },
+            { title: 'sampi', character: 'Ϡ' },
+            { title: 'koppa', character: 'Ϟ' },
+            { title: 'san', character: 'Ϻ' },
+        ];
+    }
+
    getEmojis() {
        //Map our emoji data to the format the plugin expects
        return emoji.map(emoji => {
--- a/assets/controllers/common/darkmode_controller.js
+++ b/assets/controllers/common/darkmode_controller.js
@@ -18,43 +18,118 @@
 */

 import {Controller} from "@hotwired/stimulus";
-import Darkmode from "darkmode-js/src";
-import "darkmode-js"

 export default class extends Controller {

-    _darkmode;
-
    connect() {
-        if (typeof window.getComputedStyle(document.body).mixBlendMode == 'undefined') {
-            console.warn("The browser does not support mix blend mode. Darkmode will not work.");
+        this.setMode(this.getMode());
+        document.querySelectorAll('input[name="darkmode"]').forEach((radio) => {
+            radio.addEventListener('change', this._radioChanged.bind(this));
+        });
+    }
+
+    /**
+     * Event listener for the change of radio buttons
+     * @private
+     */
+    _radioChanged(event) {
+        const new_mode = this.getSelectedMode();
+        this.setMode(new_mode);
+    }
+
+    /**
+     * Get the current mode from the local storage
+     * @return {'dark', 'light', 'auto'}
+     */
+    getMode() {
+        return localStorage.getItem('darkmode') ?? 'auto';
+    }
+
+    /**
+     * Set the mode in the local storage and apply it and change the state of the radio buttons
+     * @param mode
+     */
+    setMode(mode) {
+        if (mode !== 'dark' && mode !== 'light' && mode !== 'auto') {
+            console.warn('Invalid darkmode mode: ' + mode);
+            mode = 'auto';
+        }
+
+        localStorage.setItem('darkmode', mode);
+
+        this.setButtonMode(mode);
+
+        if (mode === 'auto') {
+            this._setDarkmodeAuto();
+        } else if (mode === 'dark') {
+            this._enableDarkmode();
+        } else if (mode === 'light') {
+            this._disableDarkmode();
+        }
+    }
+
+    /**
+     * Get the selected mode via the radio buttons
+     * @return {'dark', 'light', 'auto'}
+     */
+    getSelectedMode() {
+        return document.querySelector('input[name="darkmode"]:checked').value;
+    }
+
+    /**
+     * Set the state of the radio buttons
+     * @param mode
+     */
+    setButtonMode(mode) {
+        document.querySelector('input[name="darkmode"][value="' + mode + '"]').checked = true;
+    }
+
+    /**
+     * Enable darkmode by adding the data-bs-theme="dark" to the html tag
+     * @private
+     */
+    _enableDarkmode() {
+        //Add data-bs-theme="dark" to the html tag
+        document.documentElement.setAttribute('data-bs-theme', 'dark');
+    }
+
+    /**
+     * Disable darkmode by adding the data-bs-theme="light" to the html tag
+     * @private
+     */
+    _disableDarkmode() {
+        //Set data-bs-theme to light
+        document.documentElement.setAttribute('data-bs-theme', 'light');
+    }
+
+
+    /**
+     * Set the darkmode to auto and enable/disable it depending on the system settings, also add
+     * an event listener to change the darkmode if the system settings change
+     * @private
+     */
+    _setDarkmodeAuto() {
+        if (this.getMode() !== 'auto') {
            return;
        }

-        try {
-            const darkmode = new Darkmode();
-            this._darkmode = darkmode;
-
-            //Unhide darkmode button
-            this._showWidget();
-
-            //Set the switch according to our current darkmode state
-            const toggler = document.getElementById("toggleDarkmode");
-            toggler.checked = darkmode.isActivated();
-        }
-        catch (e)
-        {
-            console.error(e);
+        if (window.matchMedia && window.matchMedia('(prefers-color-scheme: dark)').matches) {
+            this._enableDarkmode();
+        } else {
+            this._disableDarkmode();
        }

-
+        window.matchMedia('(prefers-color-scheme: dark)').addEventListener('change', event => {
+            console.log('Prefered color scheme changed to ' + event.matches ? 'dark' : 'light');
+            this._setDarkmodeAuto();
+        });
    }

-    _showWidget() {
-        this.element.classList.remove('hidden');
-    }
-
-    toggleDarkmode() {
-        this._darkmode.toggle();
+    /**
+     * Check if darkmode is activated
+     * @return {boolean}
+     */
+    isDarkmodeActivated() {
+        return document.documentElement.getAttribute('data-bs-theme') === 'dark';
    }
 }
--- a/assets/controllers/common/markdown_controller.js
+++ b/assets/controllers/common/markdown_controller.js
@@ -21,6 +21,8 @@

 import { Controller } from '@hotwired/stimulus';
 import { marked } from "marked";
+import { mangle } from "marked-mangle";
+import { gfmHeadingId } from "marked-gfm-heading-id";
 import DOMPurify from 'dompurify';

 import "../../css/app/markdown.css";
@@ -81,6 +83,10 @@ export default class extends Controller {
     */
    configureMarked()
    {
+        marked.use(mangle());
+        marked.use(gfmHeadingId({
+        }));
+
        marked.setOptions({
            gfm: true,
        });
--- a/assets/controllers/elements/collection_type_controller.js
+++ b/assets/controllers/elements/collection_type_controller.js
@@ -61,7 +61,7 @@ export default class extends Controller {

        if(!prototype) {
            console.warn("Prototype is not set, we cannot create a new element. This is most likely due to missing permissions.");
-            bootbox.alert("You do not have the permsissions to create a new element. (No protoype element is set)");
+            bootbox.alert("You do not have the permissions to create a new element. (No protoype element is set)");
            return;
        }

--- a/assets/controllers/elements/datatables/datatables_controller.js
+++ b/assets/controllers/elements/datatables/datatables_controller.js
@@ -65,8 +65,22 @@ export default class extends Controller {
        localStorage.setItem( this.getStateSaveKey(), JSON.stringify(data) );
    }

-    stateLoadCallback(settings) {
-        return JSON.parse( localStorage.getItem(this.getStateSaveKey()) );
+    stateLoadCallback() {
+        const json = localStorage.getItem(this.getStateSaveKey());
+        if(json === null || json === undefined) {
+            return null;
+        }
+
+        const data = JSON.parse(json);
+
+        if (data) {
+            //Do not save the start value (current page), as we want to always start at the first page on a page reload
+            delete data.start;
+            //Reset the data length to the default value by deleting the length property
+            delete data.length;
+        }
+
+        return data;
    }

    connect() {
@@ -81,6 +95,19 @@ export default class extends Controller {
        //Add url info, as the one available in the history is not enough, as Turbo may have not changed it yet
        settings.url = this.element.dataset.dtUrl;

+        //Add initial_order info to the settings, so that the order on the initial page load is the one saved in the state
+        const saved_state = this.stateLoadCallback();
+        if (saved_state !== null) {
+            const raw_order = saved_state.order;
+
+            settings.initial_order = raw_order.map((order) => {
+                return {
+                    column: order[0],
+                    dir: order[1]
+                }
+            });
+        }
+
        let options = {
            colReorder: true,
            responsive: true,
@@ -90,7 +117,7 @@ export default class extends Controller {
            },
            buttons: [{
                "extend": 'colvis',
-                'className': 'mr-2 btn-light',
+                'className': 'mr-2 btn-outline-secondary',
                'columns': ':not(.no-colvis)',
                "text": "<i class='fa fa-cog'></i>"
            }],
@@ -116,6 +143,22 @@ export default class extends Controller {
                console.error("Error initializing datatables: " + err);
            });

+        //Fix height of the length selector
+        promise.then((dt) => {
+            //Find all length selectors (select with name dt_length), which are inside a label
+            const lengthSelectors = document.querySelectorAll('label select[name="dt_length"]');
+            //And remove the surrounding label, while keeping the select with all event handlers
+            lengthSelectors.forEach((selector) => {
+                selector.parentElement.replaceWith(selector);
+            });
+
+            //Find all column visibility buttons (button with buttons-colvis class) and remove the btn-secondary class
+            const colVisButtons = document.querySelectorAll('button.buttons-colvis');
+            colVisButtons.forEach((button) => {
+                button.classList.remove('btn-secondary');
+            });
+        });
+
        //Dispatch an event to let others know that the datatables has been loaded
        promise.then((dt) => {
            const event = new CustomEvent(EVENT_DT_LOADED, {bubbles: true});
@@ -196,4 +239,16 @@ export default class extends Controller {
        return this.element.dataset.select ?? false;
    }

-}
+    invertSelection() {
+        //Do nothing if the datatable is not selectable
+        if(!this.isSelectable()) {
+            return;
+        }
+
+        //Invert the selected rows on the datatable
+        const selected_rows = this._dt.rows({selected: true});
+        this._dt.rows().select();
+        selected_rows.deselect();
+    }
+
+}
--- a/assets/controllers/elements/datatables/parts_controller.js
+++ b/assets/controllers/elements/datatables/parts_controller.js
@@ -107,6 +107,13 @@ export default class extends DatatablesController {
            //Hide the select element (the tomselect button is the sibling of the select element)
            select_target.nextElementSibling.classList.add('d-none');
        }
+
+        //If the selected option has a data-turbo attribute, set it to the form
+        if (selected_option.dataset.turbo) {
+            this.element.dataset.turbo = selected_option.dataset.turbo;
+        } else {
+            this.element.dataset.turbo = true;
+        }
    }

    confirmDeletionAtSubmit(event) {
--- a/assets/controllers/elements/delete_btn_controller.js
+++ b/assets/controllers/elements/delete_btn_controller.js
@@ -29,62 +29,47 @@ export default class extends Controller
        this._confirmed = false;
    }

-    click(event) {
-        //If a user has not already confirmed the deletion, just let turbo do its work
-        if(this._confirmed) {
-            this._confirmed = false;
-            return;
-        }
-
-        event.preventDefault();
-
-        const message = this.element.dataset.deleteMessage;
-        const title = this.element.dataset.deleteTitle;
-
-        const that = this;
-
-        const confirm = bootbox.confirm({
-            message: message, title: title, callback: function (result) {
-                //If the dialog was confirmed, then submit the form.
-                if (result) {
-                    that._confirmed = true;
-                    event.target.click();
-                } else {
-                    that._confirmed = false;
-                }
-            }
-        });
-    }
-
    submit(event) {
        //If a user has not already confirmed the deletion, just let turbo do its work
-        if(this._confirmed) {
+        if (this._confirmed) {
            this._confirmed = false;
            return;
        }

        //Prevent turbo from doing its work
        event.preventDefault();
+        event.stopPropagation();

        const message = this.element.dataset.deleteMessage;
        const title = this.element.dataset.deleteTitle;

-        const form = this.element;
+        //Use event target, to find the form, where the submit button was clicked
+        const form = event.target;
+        const submitter = event.submitter;
        const that = this;

-        //Create a clone of the event with the same submitter, so we can redispatch it if needed
-        //We need to do this that way, as we need the submitter info, just calling form.submit() would not work
-        this._our_event = new SubmitEvent('submit', {
-            submitter: event.submitter,
-            bubbles: true, //This line is important, otherwise Turbo will not receive the event
-        });
-
        const confirm = bootbox.confirm({
            message: message, title: title, callback: function (result) {
                //If the dialog was confirmed, then submit the form.
                if (result) {
+                    //Set a flag to prevent the dialog from popping up again and allowing turbo to submit the form
                    that._confirmed = true;
-                    form.dispatchEvent(that._our_event);
+
+                    //Create a submit button in the form and click it to submit the form
+                    //Before a submit event was dispatched, but this caused weird issues on Firefox causing the delete request being posted twice (and the second time was returning 404). See https://github.com/Part-DB/Part-DB-server/issues/273
+                    const submit_btn = document.createElement('button');
+                    submit_btn.type = 'submit';
+                    submit_btn.style.display = 'none';
+
+                    //If the clicked button has a value, set it on the submit button
+                    if (submitter.value) {
+                        submit_btn.value = submitter.value;
+                    }
+                    if (submitter.name) {
+                        submit_btn.name = submitter.name;
+                    }
+                    form.appendChild(submit_btn);
+                    submit_btn.click();
                } else {
                    that._confirmed = false;
                }
--- a/assets/controllers/elements/json_formatter_controller.js
+++ b/assets/controllers/elements/json_formatter_controller.js
@@ -0,0 +1,40 @@
+/*
+ * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
+ *
+ *  Copyright (C) 2019 - 2023 Jan Böhmer (https://github.com/jbtronics)
+ *
+ *  This program is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU Affero General Public License as published
+ *  by the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU Affero General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Affero General Public License
+ *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+
+import {Controller} from "@hotwired/stimulus";
+
+import JSONFormatter from 'json-formatter-js';
+
+/**
+ * This controller implements an element that renders a JSON object as a collapsible tree.
+ * The JSON object is passed as a data attribute.
+ * You have to apply the controller to a div element or similar block element which can contain other elements.
+ */
+export default class extends Controller {
+    connect() {
+        const depth_to_open = this.element.dataset.depthToOpen ?? 0;
+        const json_string = this.element.dataset.json;
+        const json_object = JSON.parse(json_string);
+
+        const formatter = new JSONFormatter(json_object, depth_to_open);
+
+        this.element.appendChild(formatter.render());
+    }
+}
--- a/assets/controllers/elements/link_confirm_controller.js
+++ b/assets/controllers/elements/link_confirm_controller.js
@@ -0,0 +1,72 @@
+/*
+ * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
+ *
+ *  Copyright (C) 2019 - 2022 Jan Böhmer (https://github.com/jbtronics)
+ *
+ *  This program is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU Affero General Public License as published
+ *  by the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU Affero General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Affero General Public License
+ *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+import {Controller} from "@hotwired/stimulus";
+
+import * as bootbox from "bootbox";
+import "../../css/components/bootbox_extensions.css";
+
+export default class extends Controller
+{
+
+    static values = {
+        message: String,
+        title: String
+    }
+
+
+
+    connect()
+    {
+        this._confirmed = false;
+
+        this.element.addEventListener('click', this._onClick.bind(this));
+    }
+
+    _onClick(event)
+    {
+
+        //If a user has not already confirmed the deletion, just let turbo do its work
+        if (this._confirmed) {
+            this._confirmed = false;
+            return;
+        }
+
+        event.preventDefault();
+        event.stopPropagation();
+
+        const that = this;
+
+        bootbox.confirm({
+            title: this.titleValue,
+            message: this.messageValue,
+            callback: (result) => {
+                if (result) {
+                    //Set a flag to prevent the dialog from popping up again and allowing turbo to submit the form
+                    that._confirmed = true;
+
+                    //Click the link
+                    that.element.click();
+                } else {
+                    that._confirmed = false;
+                }
+            }
+        });
+    }
+}
--- a/assets/controllers/elements/localStorage_checkbox_controller.js
+++ b/assets/controllers/elements/localStorage_checkbox_controller.js
@@ -0,0 +1,67 @@
+/*
+ * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
+ *
+ *  Copyright (C) 2019 - 2023 Jan Böhmer (https://github.com/jbtronics)
+ *
+ *  This program is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU Affero General Public License as published
+ *  by the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU Affero General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Affero General Public License
+ *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+import {Controller} from "@hotwired/stimulus";
+
+export default class extends Controller
+{
+    static values = {
+        id: String
+    }
+
+    connect() {
+        this.loadState()
+        this.element.addEventListener('change', () => {
+            this.saveState()
+        });
+    }
+
+    loadState() {
+        let storageKey = this.getStorageKey();
+        let value = localStorage.getItem(storageKey);
+        if (value === null) {
+            return;
+        }
+
+        if (value === 'true') {
+            this.element.checked = true
+        }
+        if (value === 'false') {
+            this.element.checked = false
+        }
+    }
+
+    saveState() {
+        let storageKey = this.getStorageKey();
+
+        if (this.element.checked) {
+            localStorage.setItem(storageKey, 'true');
+        } else {
+            localStorage.setItem(storageKey, 'false');
+        }
+    }
+
+    getStorageKey() {
+        if (this.hasIdValue) {
+            return 'persistent_checkbox_' + this.idValue
+        }
+
+        return 'persistent_checkbox_' + this.element.id;
+    }
+}
--- a/assets/controllers/elements/part_select_controller.js
+++ b/assets/controllers/elements/part_select_controller.js
@@ -27,7 +27,7 @@ export default class extends Controller {
                    }

                    let tmp = '<div class="row m-0">' +
-                        "<div class='col-2 p-0 d-flex align-items-center'>" +
+                        "<div class='col-2 p-0 d-flex align-items-center' style='max-width: 80px;'>" +
                        (data.image ? "<img class='typeahead-image' src='" + data.image + "'/>" : "") +
                        "</div>" +
                        "<div class='col-10'>" +
--- a/assets/controllers/elements/password_strength_estimate_controller.js
+++ b/assets/controllers/elements/password_strength_estimate_controller.js
@@ -0,0 +1,123 @@
+/*
+ * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
+ *
+ *  Copyright (C) 2019 - 2023 Jan Böhmer (https://github.com/jbtronics)
+ *
+ *  This program is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU Affero General Public License as published
+ *  by the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU Affero General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Affero General Public License
+ *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+
+import {Controller} from "@hotwired/stimulus";
+import { zxcvbn, zxcvbnOptions } from '@zxcvbn-ts/core';
+import * as zxcvbnCommonPackage from '@zxcvbn-ts/language-common';
+import * as zxcvbnEnPackage from '@zxcvbn-ts/language-en';
+import * as zxcvbnDePackage from '@zxcvbn-ts/language-de';
+import * as zxcvbnFrPackage from '@zxcvbn-ts/language-fr';
+import * as zxcvbnJaPackage from '@zxcvbn-ts/language-ja';
+import {trans, USER_PASSWORD_STRENGTH_VERY_WEAK, USER_PASSWORD_STRENGTH_WEAK, USER_PASSWORD_STRENGTH_MEDIUM,
+    USER_PASSWORD_STRENGTH_STRONG, USER_PASSWORD_STRENGTH_VERY_STRONG} from '../../translator.js';
+
+/* stimulusFetch: 'lazy' */
+export default class extends Controller {
+
+    _passwordInput;
+
+    static targets = ["badge", "warning"]
+
+    _getTranslations() {
+        //Get the current locale
+        const locale = document.documentElement.lang;
+        if (locale.includes('de')) {
+            return zxcvbnDePackage.translations;
+        } else if (locale.includes('fr')) {
+            return zxcvbnFrPackage.translations;
+        } else if (locale.includes('ja')) {
+            return zxcvbnJaPackage.translations;
+        }
+
+        //Fallback to english
+        return zxcvbnEnPackage.translations;
+    }
+
+    connect() {
+        //Find the password input field
+        this._passwordInput = this.element.querySelector('input[type="password"]');
+
+        //Configure zxcvbn
+        const options = {
+            graphs: zxcvbnCommonPackage.adjacencyGraphs,
+            dictionary: {
+                ...zxcvbnCommonPackage.dictionary,
+                // We could use the english dictionary here too, but it is very big. So we just use the common words
+                //...zxcvbnEnPackage.dictionary,
+            },
+            translations: this._getTranslations(),
+        };
+        zxcvbnOptions.setOptions(options);
+
+        //Add event listener to the password input field
+        this._passwordInput.addEventListener('input', this._onPasswordInput.bind(this));
+    }
+
+    _onPasswordInput() {
+        //Retrieve the password
+        const password = this._passwordInput.value;
+
+        //Estimate the password strength
+        const result = zxcvbn(password);
+
+        //Update the badge
+        this.badgeTarget.parentElement.classList.remove("d-none");
+        this._setBadgeToLevel(result.score);
+
+        this.warningTarget.innerHTML = result.feedback.warning;
+    }
+
+    _setBadgeToLevel(level) {
+        let text, classes;
+
+        switch (level) {
+            case 0:
+                text = trans(USER_PASSWORD_STRENGTH_VERY_WEAK);
+                classes = "bg-danger badge-danger";
+                break;
+            case 1:
+                text = trans(USER_PASSWORD_STRENGTH_WEAK);
+                classes = "bg-warning badge-warning";
+                break;
+            case 2:
+                text = trans(USER_PASSWORD_STRENGTH_MEDIUM)
+                classes = "bg-info badge-info";
+                break;
+            case 3:
+                text = trans(USER_PASSWORD_STRENGTH_STRONG);
+                classes = "bg-primary badge-primary";
+                break;
+            case 4:
+                text = trans(USER_PASSWORD_STRENGTH_VERY_STRONG);
+                classes = "bg-success badge-success";
+                break;
+            default:
+                text = "???";
+                classes = "bg-secondary badge-secondary";
+        }
+
+        this.badgeTarget.innerHTML = text;
+        //Remove all classes
+        this.badgeTarget.className = '';
+        //Re-add the classes
+        this.badgeTarget.classList.add("badge");
+        this.badgeTarget.classList.add(...classes.split(" "));
+    }
+}
--- a/assets/controllers/elements/structural_entity_select_controller.js
+++ b/assets/controllers/elements/structural_entity_select_controller.js
@@ -22,6 +22,8 @@ import '../../css/components/tom-select_extensions.css';
 import TomSelect from "tom-select";
 import {Controller} from "@hotwired/stimulus";

+import {trans, ENTITY_SELECT_GROUP_NEW_NOT_ADDED_TO_DB} from '../../translator.js'
+

 export default class extends Controller {
    _tomSelect;
@@ -40,8 +42,7 @@ export default class extends Controller {
            allowEmptyOption: true,
            selectOnTab: true,
            maxOptions: null,
-            create: allowAdd,
-            createFilter: /\D/, //Must contain a non-digit character, otherwise they would be recognized as DB ID
+            create: allowAdd ? this.createItem.bind(this) : false,

            searchField: [
                {field: "text", weight : 2},
@@ -57,10 +58,39 @@ export default class extends Controller {
                        '<small class="text-muted float-end">(' + addHint +')</small>' +
                        '</div>';
                },
-            }
+            },
+
+            //Add callbacks to update validity
+            onInitialize: this.updateValidity.bind(this),
+            onChange: this.updateValidity.bind(this),
        };

        this._tomSelect = new TomSelect(this.element, settings);
+        //Do not do a sync here as this breaks the initial rendering of the empty option
+        //this._tomSelect.sync();
+    }
+
+    createItem(input, callback) {
+        callback({
+            //$%$ is a special value prefix, that is used to identify items, that are not yet in the DB
+            value: '$%$' + input,
+            text: input,
+            not_in_db_yet: true,
+        });
+    }
+
+
+    updateValidity() {
+        //Mark this input as invalid, if the selected option is disabled
+
+        const input = this.element;
+        const selectedOption = input.options[input.selectedIndex];
+
+        if (selectedOption && selectedOption.disabled) {
+            input.setCustomValidity("This option was disabled. Please select another option.");
+        } else {
+            input.setCustomValidity("");
+        }
    }

    getTomSelect() {
@@ -78,14 +108,27 @@ export default class extends Controller {
        }

        if (data.short) {
-            return '<div><b>' + escape(data.short) + '</b></div>';
+            let short = escape(data.short)
+
+            //Make text italic, if the item is not yet in the DB
+            if (data.not_in_db_yet) {
+                short = '<i>' + short + '</i>';
+            }
+
+            return '<div><b>' + short + '</b></div>';
        }

        let name = "";
        if (data.parent) {
            name += escape(data.parent) + "&nbsp;→&nbsp;";
        }
-        name += "<b>" + escape(data.text) + "</b>";
+
+        if (data.not_in_db_yet) {
+            //Not yet added items are shown italic and with a badge
+            name += "<i><b>" + escape(data.text) + "</b></i>" + "<span class='ms-3 badge bg-info badge-info'>" + trans(ENTITY_SELECT_GROUP_NEW_NOT_ADDED_TO_DB) + "</span>";
+        } else {
+            name += "<b>" + escape(data.text) + "</b>";
+        }

        return '<div>' + (data.image ? "<img class='structural-entity-select-image' style='margin-right: 5px;' ' src='" + data.image + "'/>" : "") + name + '</div>';
    }
--- a/assets/controllers/elements/tree_controller.js
+++ b/assets/controllers/elements/tree_controller.js
@@ -81,6 +81,14 @@ export default class extends Controller {
            this._tree.remove();
        }

+        const BS53Theme = {
+            getOptions() {
+                return {
+                    onhoverColor: 'var(--bs-secondary-bg)',
+                };
+            }
+        }
+
        this._tree = new BSTreeView(this.treeTarget, {
            levels: 1,
            showTags: this._showTags,
@@ -93,7 +101,7 @@ export default class extends Controller {
                }
            },
            //onNodeContextmenu: contextmenu_handler,
-        }, [BS5Theme, FAIconTheme]);
+        }, [BS5Theme, BS53Theme, FAIconTheme]);

        this.treeTarget.addEventListener(EVENT_INITIALIZED, (event) => {
            /** @type {BSTreeView} */
--- a/assets/controllers/pages/association_edit_type_select_controller.js
+++ b/assets/controllers/pages/association_edit_type_select_controller.js
@@ -0,0 +1,44 @@
+/*
+ * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
+ *
+ *  Copyright (C) 2019 - 2023 Jan Böhmer (https://github.com/jbtronics)
+ *
+ *  This program is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU Affero General Public License as published
+ *  by the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU Affero General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Affero General Public License
+ *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+import {Controller} from "@hotwired/stimulus";
+
+export default class extends Controller {
+
+    static targets = [ "display", "select" ]
+
+    connect()
+    {
+        this.update();
+        this.selectTarget.addEventListener('change', this.update.bind(this));
+    }
+
+    update()
+    {
+        //If the select value is 0, then we show the input field
+        if( this.selectTarget.value === '0')
+        {
+            this.displayTarget.classList.remove('d-none');
+        }
+        else
+        {
+            this.displayTarget.classList.add('d-none');
+        }
+    }
+}
--- a/assets/controllers/pages/dont_check_quantity_checkbox_controller.js
+++ b/assets/controllers/pages/dont_check_quantity_checkbox_controller.js
@@ -0,0 +1,65 @@
+/*
+ * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
+ *
+ *  Copyright (C) 2019 - 2022 Jan Böhmer (https://github.com/jbtronics)
+ *
+ *  This program is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU Affero General Public License as published
+ *  by the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU Affero General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Affero General Public License
+ *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+import {Controller} from "@hotwired/stimulus";
+
+/**
+ * This controller is used on a checkbox, which toggles the max value of all number input fields
+ */
+export default class extends Controller {
+
+    _checkbox;
+
+    getCheckbox() {
+        if (this._checkbox) {
+            return this._checkbox;
+        }
+
+        //Find the checkbox inside the controller element
+        this._checkbox = this.element.querySelector('input[type="checkbox"]');
+        return this._checkbox;
+    }
+
+    connect() {
+        //Add event listener to the checkbox
+        this.getCheckbox().addEventListener('change', this.toggleInputLimits.bind(this));
+    }
+
+    toggleInputLimits() {
+        //Find all input fields with the data-toggle-input-limits-target="max"
+        const inputFields = document.querySelectorAll("input[type='number']");
+
+        inputFields.forEach((inputField) => {
+            //Ensure that the input field has either a max or a data-max attribute
+            if (!inputField.hasAttribute('max') && !inputField.hasAttribute('data-max')) {
+                return;
+            }
+
+            //If the checkbox is checked, rename the max attribute to data-max
+            if (this.getCheckbox().checked) {
+                inputField.setAttribute('data-max', inputField.getAttribute('max'));
+                inputField.removeAttribute('max');
+            } else {
+                //If the checkbox is not checked, rename the data-max attribute back to max
+                inputField.setAttribute('max', inputField.getAttribute('data-max'));
+                inputField.removeAttribute('data-max');
+            }
+        });
+    }
+}
--- a/assets/controllers/pages/part_merge_modal_controller.js
+++ b/assets/controllers/pages/part_merge_modal_controller.js
@@ -0,0 +1,68 @@
+/*
+ * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
+ *
+ *  Copyright (C) 2019 - 2023 Jan Böhmer (https://github.com/jbtronics)
+ *
+ *  This program is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU Affero General Public License as published
+ *  by the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU Affero General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Affero General Public License
+ *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+import {Controller} from "@hotwired/stimulus";
+
+export default class extends Controller
+{
+    static targets = ['link', 'mode', 'otherSelect'];
+    static values = {
+        targetId: Number,
+    };
+
+    connect() {
+    }
+
+    update() {
+        const link = this.linkTarget;
+        const other_select = this.otherSelectTarget;
+
+        //Extract the mode using the mode radio buttons (we filter the array to get the checked one)
+        const mode = (this.modeTargets.filter((e)=>e.checked))[0].value;
+
+        if (other_select.value === '') {
+            link.classList.add('disabled');
+            return;
+        }
+
+        //Extract href template from data attribute on link target
+        let href = link.getAttribute('data-href-template');
+
+        let target, other;
+        if (mode === '1') {
+            target = this.targetIdValue;
+            other = other_select.value;
+        } else if (mode === '2') {
+            target = other_select.value;
+            other = this.targetIdValue;
+        } else {
+            throw 'Invalid mode';
+        }
+
+        //Replace placeholder with actual target id
+        href = href.replace('__target__', target);
+        //Replace placeholder with selected value of the select (the event sender)
+        href = href.replace('__other__', other);
+
+        //Assign new href to link
+        link.setAttribute('href', href);
+        //Make link clickable
+        link.classList.remove('disabled');
+    }
+}
--- a/assets/css/app/bs-overrides.css
+++ b/assets/css/app/bs-overrides.css
@@ -99,10 +99,25 @@ label:not(.form-check-label, .custom-control-label) {

 form .col-form-label.required:after, form label.required:after {
    bottom: 4px;
-    color: var(--bs-dark);
+    color: var(--bs-secondary-color);
    content: "\2022";
    filter: opacity(75%);
    position: relative;
    right: -2px;
    z-index: 700;
+}
+
+/****************************************
+ * HTML diff styling
+ ****************************************/
+
+/* Insertations are marked with green background and bold */
+ins {
+    background-color: #95f095;
+    font-weight: bold;
+}
+
+del {
+    background-color: #f09595;
+    font-weight: bold;
 }
--- a/assets/css/app/helpers.css
+++ b/assets/css/app/helpers.css
@@ -67,7 +67,6 @@ ul.structural_link {
    padding-bottom: 7px;
    padding-left: 0;
    list-style: none;
-    background-color: inherit;
 }

 /* Display list items side by side */
@@ -79,7 +78,7 @@ ul.structural_link li {
 /* Add a slash symbol (/) before/behind each list item */
 ul.structural_link li+li:before {
    padding: 2px;
-    color: grey;
+    color: var(--bs-tertiary-color);
    /*content: "/\00a0";*/
    font-family: "Font Awesome 5 Free";
    font-weight: 900;
@@ -89,13 +88,13 @@ ul.structural_link li+li:before {

 /* Add a color to all links inside the list */
 ul.structural_link li a {
-    color: #0275d8;
+    color: var(--bs-link-color);
    text-decoration: none;
 }

 /* Add a color on mouse-over */
 ul.structural_link li a:hover {
-    color: #01447e;
+    color: var(--bs-link-hover-color);
    text-decoration: underline;
 }

--- a/assets/css/app/layout.css
+++ b/assets/css/app/layout.css
@@ -78,8 +78,6 @@ body {
        overflow: -moz-scrollbars-none;
        /* Use standard version for hiding the scrollbar */
        scrollbar-width: none;
-
-        background-color: var(--light);
    }

    #sidebar-container {
--- a/assets/css/app/tables.css
+++ b/assets/css/app/tables.css
@@ -91,7 +91,7 @@ th.select-checkbox {
 /** Fix datatables select-checkbox position */
 table.dataTable tr.selected td.select-checkbox:after
 {
-    margin-top: -28px !important;
+    margin-top: -20px !important;
 }


@@ -116,23 +116,33 @@ table.dataTable > thead > tr > th.select-checkbox:before,
 table.dataTable > thead > tr > th.select-checkbox:after {
    display: block;
    position: absolute;
-    top: 1.2em;
+    top: 0.9em;
    left: 50%;
-    width: 12px;
-    height: 12px;
+    width: 1em !important;
+    height: 1em !important;
    box-sizing: border-box;
 }
 table.dataTable > thead > tr > th.select-checkbox:before {
    content: " ";
    margin-top: -5px;
    margin-left: -6px;
-    border: 1px solid black;
+    border: 2px solid var(--bs-tertiary-color);
    border-radius: 3px;
 }
+
+table.dataTable > tbody > tr > td.select-checkbox:before, table.dataTable > tbody > tr > th.select-checkbox:before {
+    border: 2px solid var(--bs-tertiary-color) !important;
+}
+
+table.dataTable > tbody > tr > td.select-checkbox:before, table.dataTable > tbody > tr > td.select-checkbox:after, table.dataTable > tbody > tr > th.select-checkbox:before, table.dataTable > tbody > tr > th.select-checkbox:after {
+    width: 1em !important;
+    height: 1em !important;
+}
+
 table.dataTable > thead > tr.selected > th.select-checkbox:after {
    content: "✓";
    font-size: 20px;
-    margin-top: -23px;
+    margin-top: -20px;
    margin-left: -6px;
    text-align: center;
    /*text-shadow: 1px 1px #B0BED9, -1px -1px #B0BED9, 1px -1px #B0BED9, -1px 1px #B0BED9; */
--- a/assets/css/components/ckeditor.css
+++ b/assets/css/components/ckeditor.css
@@ -36,3 +36,42 @@
 .ck-html-label .ck-content hr {
    margin: 2px;
 }
+
+/***********************************************
+ * Hide CKEditor powered by message
+ ***********************************************/
+.ck-powered-by {
+    display: none;
+}
+
+
+
+
+/***********************************************
+ * Use Bootstrap color vars for CKEditor
+ ***********************************************/
+:root {
+    --ck-color-base-foreground: var(--bs-secondary-bg);
+    --ck-color-base-background: var(--bs-body-bg);
+    --ck-color-base-border: var(--bs-border-color);
+    --ck-color-base-action: var(--bs-success);
+    --ck-color-base-focus: var(--bs-primary-border-subtle);
+    --ck-color-base-text: var(--bs-body-color);
+    --ck-color-base-active: var(--bs-primary-bg-subtle);
+    --ck-color-base-active-focus: var(--bs-primary);
+    --ck-color-base-error: var(--bs-danger);
+
+    /* Improve contrast between text and toolbar */
+    --ck-color-toolbar-background: var(--bs-tertiary-bg);
+
+    /* Buttons */
+    --ck-color-button-default-hover-background: var(--bs-secondary-bg);
+    --ck-color-button-default-active-background: var(--bs-secondary-bg);
+
+    --ck-color-button-on-background: var(--bs-body-bg);
+    --ck-color-button-on-hover-background: var(--bs-secondary-bg);
+    --ck-color-button-on-active-background: var(--bs-secondary-bg);
+    --ck-color-button-on-disabled-background: var(--bs-secondary-bg);
+    --ck-color-button-on-color:	var(--bs-primary)
+
+}
--- a/assets/css/components/tom-select_extensions.css
+++ b/assets/css/components/tom-select_extensions.css
@@ -18,6 +18,29 @@
 */

 .tagsinput.ts-wrapper.multi .ts-control > div {
-    background: var(--bs-secondary);
-    color: var(--bs-white);
-}
+    background: var(--bs-secondary-bg);
+    color: var(--bs-body-color);
+}
+
+/*********
+ * BS 5.3 compatible dark mode
+ ***************/
+
+.ts-dropdown .active {
+    background-color: var(--bs-secondary-bg) !important;
+    color: var(--bs-body-color) !important;
+}
+
+.ts-dropdown, .ts-control, .ts-control input {
+    color: var(--bs-body-color) !important;
+}
+
+.ts-dropdown, .ts-dropdown.form-control, .ts-dropdown.form-select {
+    background: var(--bs-body-bg);
+}
+
+.ts-dropdown .optgroup-header {
+    color: var(--bs-tertiary-color);
+    background: var(--bs-body-bg);
+    cursor: default;
+}
--- a/assets/fonts/dompdf/.gitignore
+++ b/assets/fonts/dompdf/.gitignore
@@ -0,0 +1,3 @@
+# Ignore font files
+*.otf
+*.ttf
--- a/assets/fonts/dompdf/README.md
+++ b/assets/fonts/dompdf/README.md
@@ -0,0 +1 @@
+Put your font ttf files in this folder to make them available to the label generator.
--- a/assets/js/app.js
+++ b/assets/js/app.js
@@ -22,7 +22,6 @@

 import '../css/app/layout.css';
 import '../css/app/helpers.css';
-import '../css/app/darkmode.css';
 import '../css/app/tables.css';
 import '../css/app/bs-overrides.css';
 import '../css/app/treeview.css';
--- a/assets/js/error_handler.js
+++ b/assets/js/error_handler.js
@@ -27,14 +27,67 @@ class ErrorHandlerHelper {
    constructor() {
        console.log('Error Handler registered');

-        const content = document.getElementById('content');
-        content.addEventListener('turbo:before-fetch-response', (event) => this.handleError(event));
+        //const content = document.getElementById('content');
+        //It seems that the content element is unreliable for these events, so we use the document instead
+        const content = document;
+        //content.addEventListener('turbo:before-fetch-response', (event) => this.handleError(event));
+        content.addEventListener('turbo:fetch-request-error', (event) => this.handleError(event));
+        content.addEventListener('turbo:frame-missing', (event) => this.handleError(event));

        $(document).ajaxError(this.handleJqueryErrror.bind(this));
    }

    _showAlert(statusText, statusCode, location, responseHTML)
    {
+        const httpStatusToText = {
+            '200': 'OK',
+            '201': 'Created',
+            '202': 'Accepted',
+            '203': 'Non-Authoritative Information',
+            '204': 'No Content',
+            '205': 'Reset Content',
+            '206': 'Partial Content',
+            '300': 'Multiple Choices',
+            '301': 'Moved Permanently',
+            '302': 'Found',
+            '303': 'See Other',
+            '304': 'Not Modified',
+            '305': 'Use Proxy',
+            '306': 'Unused',
+            '307': 'Temporary Redirect',
+            '400': 'Bad Request',
+            '401': 'Unauthorized',
+            '402': 'Payment Required',
+            '403': 'Forbidden',
+            '404': 'Not Found',
+            '405': 'Method Not Allowed',
+            '406': 'Not Acceptable',
+            '407': 'Proxy Authentication Required',
+            '408': 'Request Timeout',
+            '409': 'Conflict',
+            '410': 'Gone',
+            '411': 'Length Required',
+            '412': 'Precondition Required',
+            '413': 'Request Entry Too Large',
+            '414': 'Request-URI Too Long',
+            '415': 'Unsupported Media Type',
+            '416': 'Requested Range Not Satisfiable',
+            '417': 'Expectation Failed',
+            '418': 'I\'m a teapot',
+            '429': 'Too Many Requests',
+            '500': 'Internal Server Error',
+            '501': 'Not Implemented',
+            '502': 'Bad Gateway',
+            '503': 'Service Unavailable',
+            '504': 'Gateway Timeout',
+            '505': 'HTTP Version Not Supported',
+        };
+
+        //If the statusText is empty, we use the status code as text
+        if (!statusText) {
+            statusText = httpStatusToText[statusCode];
+        }
+
        //Create error text
        const title = statusText + ' (Status ' + statusCode + ')';

@@ -87,8 +140,10 @@ class ErrorHandlerHelper {
    }

    handleError(event) {
-        const fetchResponse = event.detail.fetchResponse;
-        const response = fetchResponse.response;
+        //Prevent default error handling
+        event.preventDefault();
+
+        const response = event.detail.response;

        //Ignore aborted requests.
        if (response.statusText === 'abort' || response.status == 0) {
@@ -100,11 +155,17 @@ class ErrorHandlerHelper {
            return;
        }

-        if(fetchResponse.failed) {
+        //Skip 404 errors, on admin pages (as this causes a popup on deletion in firefox)
+        if (response.status == 404 && event.target.id === 'admin-content-frame') {
+            return;
+        }
+
+
+        if(!response.ok) {
            response.text().then(responseHTML => {
-                this._showAlert(response.statusText, response.status, fetchResponse.location.toString(), responseHTML);
+                this._showAlert(response.statusText, response.status, response.url, responseHTML);
            }).catch(err => {
-                this._showAlert(response.statusText, response.status, fetchResponse.location.toString(), '<pre>' + err + '</pre>');
+                this._showAlert(response.statusText, response.status, response.url, '<pre>' + err + '</pre>');
            });
        }
    }
--- a/assets/js/lib/datatables.js
+++ b/assets/js/lib/datatables.js
@@ -47,7 +47,8 @@
                method: config.method,
                data: {
                    _dt: config.name,
-                    _init: true
+                    _init: true,
+                    order: config.initial_order ?? undefined,
                }
            }).done(function(data) {
                var baseState;
@@ -72,6 +73,17 @@
                            }
                        } else {
                            request._dt = config.name;
+
+                            //Try to resolve the original column index when the column was reordered (using the ColReorder plugin)
+                            //Only do this when _ColReorder_iOrigCol is available
+                            if (settings.aoColumns && settings.aoColumns.length && settings.aoColumns[0]._ColReorder_iOrigCol !== undefined) {
+                                if (request.order && request.order.length) {
+                                    request.order.forEach(function (order) {
+                                        order.column = settings.aoColumns[order.column]._ColReorder_iOrigCol;
+                                    });
+                                }
+                            }
+
                            $.ajax(typeof config.url === 'function' ? config.url(dt) : config.url, {
                                method: config.method,
                                data: request
--- a/assets/js/register_events.js
+++ b/assets/js/register_events.js
@@ -20,6 +20,7 @@
 'use strict';

 import {Dropdown} from "bootstrap";
+import ClipboardJS from "clipboard";

 class RegisterEventHelper {
    constructor() {
@@ -27,6 +28,11 @@ class RegisterEventHelper {
        this.configureDropdowns();
        this.registerSpecialCharInput();

+        //Initialize ClipboardJS
+        this.registerLoadHandler(() => {
+            new ClipboardJS('.btn');
+        })
+
        this.registerModalDropRemovalOnFormSubmit();
    }

@@ -59,76 +65,239 @@ class RegisterEventHelper {
    }

    registerTooltips() {
-        this.registerLoadHandler(() => {
+        const handler = () => {
            $(".tooltip").remove();
            //Exclude dropdown buttons from tooltips, otherwise we run into endless errors from bootstrap (bootstrap.esm.js:614 Bootstrap doesn't allow more than one instance per element. Bound instance: bs.dropdown.)
-            $('a[title], button[title]:not([data-bs-toggle="dropdown"]), p[title], span[title], h6[title], h3[title], i.fas[title]')
+            $('a[title], label[title], button[title]:not([data-bs-toggle="dropdown"]), p[title], span[title], h6[title], h3[title], i[title], small[title]')
                //@ts-ignore
                .tooltip("hide").tooltip({container: "body", placement: "auto", boundary: 'window'});
-        });
+        };
+
+        this.registerLoadHandler(handler);
+        document.addEventListener('dt:loaded', handler);
    }

    registerSpecialCharInput() {
        this.registerLoadHandler(() => {
            //@ts-ignore
            $("input[type=text], input[type=search]").unbind("keydown").keydown(function (event) {
-                let greek = event.altKey;
+                let use_special_char = event.altKey;

                let greek_char = "";
-                if (greek){
+                if (use_special_char){
+                    //Use the key property to determine the greek letter (as it is independent of the keyboard layout)
                    switch(event.key) {
-                        case "w": //Omega
-                            greek_char = '\u2126';
-                            break;
-                        case "u":
-                        case "m": //Micro
-                            greek_char = "\u00B5";
-                            break;
-                        case "p": //Phi
-                            greek_char = "\u03C6";
-                            break;
-                        case "a": //Alpha
+                        //Greek letters
+                        case "a": //Alpha (lowercase)
                            greek_char = "\u03B1";
                            break;
-                        case "b": //Beta
+                        case "A": //Alpha (uppercase)
+                            greek_char = "\u0391";
+                            break;
+                        case "b": //Beta (lowercase)
                            greek_char = "\u03B2";
                            break;
-                        case "c": //Gamma
+                        case "B": //Beta (uppercase)
+                            greek_char = "\u0392";
+                            break;
+                        case "g": //Gamma (lowercase)
                            greek_char = "\u03B3";
                            break;
-                        case "d": //Delta
+                        case "G": //Gamma (uppercase)
+                            greek_char = "\u0393";
+                            break;
+                        case "d": //Delta (lowercase)
                            greek_char = "\u03B4";
                            break;
-                        case "l": //Pound
-                            greek_char = "\u00A3";
+                        case "D": //Delta (uppercase)
+                            greek_char = "\u0394";
                            break;
-                        case "y": //Yen
-                            greek_char = "\u00A5";
+                        case "e": //Epsilon (lowercase)
+                            greek_char = "\u03B5";
                            break;
-                        case "o": //Yen
-                            greek_char = "\u00A4";
+                        case "E": //Epsilon (uppercase)
+                            greek_char = "\u0395";
                            break;
-                        case "1": //Sum symbol
-                            greek_char = "\u2211";
+                        case "z": //Zeta (lowercase)
+                            greek_char = "\u03B6";
                            break;
-                        case "2": //Integral
-                            greek_char = "\u222B";
+                        case "Z": //Zeta (uppercase)
+                            greek_char = "\u0396";
                            break;
-                        case "3": //Less-than or equal
-                            greek_char = "\u2264";
+                        case "h": //Eta (lowercase)
+                            greek_char = "\u03B7";
                            break;
-                        case "4": //Greater than or equal
-                            greek_char = "\u2265";
+                        case "H": //Eta (uppercase)
+                            greek_char = "\u0397";
                            break;
-                        case "5": //PI
-                            greek_char = "\u03c0";
+                        case "q": //Theta (lowercase)
+                            greek_char = "\u03B8";
                            break;
-                        case "q": //Copyright
-                            greek_char = "\u00A9";
+                        case "Q": //Theta (uppercase)
+                            greek_char = "\u0398";
                            break;
-                        case "e": //Euro
-                            greek_char = "\u20AC";
+                        case "i": //Iota (lowercase)
+                            greek_char = "\u03B9";
                            break;
+                        case "I": //Iota (uppercase)
+                            greek_char = "\u0399";
+                            break;
+                        case "k": //Kappa (lowercase)
+                            greek_char = "\u03BA";
+                            break;
+                        case "K": //Kappa (uppercase)
+                            greek_char = "\u039A";
+                            break;
+                        case "l": //Lambda (lowercase)
+                            greek_char = "\u03BB";
+                            break;
+                        case "L": //Lambda (uppercase)
+                            greek_char = "\u039B";
+                            break;
+                        case "m": //Mu (lowercase)
+                            greek_char = "\u03BC";
+                            break;
+                        case "M": //Mu (uppercase)
+                            greek_char = "\u039C";
+                            break;
+                        case "n": //Nu (lowercase)
+                            greek_char = "\u03BD";
+                            break;
+                        case "N": //Nu (uppercase)
+                            greek_char = "\u039D";
+                            break;
+                        case "x": //Xi (lowercase)
+                            greek_char = "\u03BE";
+                            break;
+                        case "X": //Xi (uppercase)
+                            greek_char = "\u039E";
+                            break;
+                        case "o": //Omicron (lowercase)
+                            greek_char = "\u03BF";
+                            break;
+                        case "O": //Omicron (uppercase)
+                            greek_char = "\u039F";
+                            break;
+                        case "p": //Pi (lowercase)
+                            greek_char = "\u03C0";
+                            break;
+                        case "P": //Pi (uppercase)
+                            greek_char = "\u03A0";
+                            break;
+                        case "r": //Rho (lowercase)
+                            greek_char = "\u03C1";
+                            break;
+                        case "R": //Rho (uppercase)
+                            greek_char = "\u03A1";
+                            break;
+                        case "s": //Sigma (lowercase)
+                            greek_char = "\u03C3";
+                            break;
+                        case "S": //Sigma (uppercase)
+                            greek_char = "\u03A3";
+                            break;
+                        case "t": //Tau (lowercase)
+                            greek_char = "\u03C4";
+                            break;
+                        case "T": //Tau (uppercase)
+                            greek_char = "\u03A4";
+                            break;
+                        case "u": //Upsilon (lowercase)
+                            greek_char = "\u03C5";
+                            break;
+                        case "U": //Upsilon (uppercase)
+                            greek_char = "\u03A5";
+                            break;
+                        case "f": //Phi (lowercase)
+                            greek_char = "\u03C6";
+                            break;
+                        case "F": //Phi (uppercase)
+                            greek_char = "\u03A6";
+                            break;
+                        case "c": //Chi (lowercase)
+                            greek_char = "\u03C7";
+                            break;
+                        case "C": //Chi (uppercase)
+                            greek_char = "\u03A7";
+                            break;
+                        case "y": //Psi (lowercase)
+                            greek_char = "\u03C8";
+                            break;
+                        case "Y": //Psi (uppercase)
+                            greek_char = "\u03A8";
+                            break;
+                        case "w": //Omega (lowercase)
+                            greek_char = "\u03C9";
+                            break;
+                        case "W": //Omega (uppercase)
+                            greek_char = "\u03A9";
+                            break;
+                    }
+
+                    //Use keycodes for special characters as the shift char on the number keys are layout dependent
+                    switch (event.keyCode) {
+                        case 49: //1 key
+                            //Product symbol on shift, sum on no shift
+                            greek_char = event.shiftKey ? "\u220F" : "\u2211";
+                            break;
+                        case 50: //2 key
+                            //Integral on no shift, partial derivative on shift
+                            greek_char = event.shiftKey ?  "\u2202" : "\u222B";
+                            break;
+                        case 51: //3 key
+                            //Less than or equal on no shift, greater than or equal on shift
+                            greek_char = event.shiftKey ? "\u2265" : "\u2264";
+                            break;
+                        case 52: //4 key
+                            //Empty set on shift, infinity on no shift
+                            greek_char = event.shiftKey ? "\u2205" : "\u221E";
+                            break;
+                        case 53: //5 key
+                            //Not equal on shift, approx equal on no shift
+                            greek_char = event.shiftKey ? "\u2260" : "\u2248";
+                            break;
+                        case 54: //6 key
+                            //Element of on no shift, not element of on shift
+                            greek_char = event.shiftKey ? "\u2209" : "\u2208";
+                            break;
+                        case 55: //7 key
+                            //And on shift, or on no shift
+                            greek_char = event.shiftKey ? "\u2227" : "\u2228";
+                            break;
+                        case 56: //8 key
+                            //Proportional to on shift, angle on no shift
+                            greek_char = event.shiftKey ? "\u221D" : "\u2220";
+                            break;
+                        case 57: //9 key
+                            //Cube root on shift, square root on no shift
+                            greek_char = event.shiftKey ? "\u221B" : "\u221A";
+                            break;
+                        case 48: //0 key
+                            //Minus-Plus on shift, plus-minus on no shift
+                            greek_char = event.shiftKey ? "\u2213" : "\u00B1";
+                            break;
+
+                        //Special characters
+                        case 219: //hyphen (or ß on german layout)
+                            //Copyright on no shift, TM on shift
+                            greek_char = event.shiftKey ? "\u2122" : "\u00A9";
+                            break;
+                        case 191: //forward slash (or # on german layout)
+                            //Generic currency on no shift, paragraph on shift
+                            greek_char = event.shiftKey ? "\u00B6" : "\u00A4";
+                            break;
+
+                        //Currency symbols
+                        case 192: //: or (ö on german layout)
+                            //Euro on no shift, pound on shift
+                            greek_char = event.shiftKey ? "\u00A3" : "\u20AC";
+                            break;
+                        case 221: //; or (ä on german layout)
+                            //Yen on no shift,  dollar on shift
+                            greek_char = event.shiftKey ? "\u0024" : "\u00A5";
+                            break;
+
+
                    }

                    if(greek_char=="") return;
--- a/assets/js/tab_remember.js
+++ b/assets/js/tab_remember.js
@@ -19,7 +19,7 @@

 "use strict";

-import {Tab} from "bootstrap";
+import {Tab, Dropdown, Collapse} from "bootstrap";
 import tab from "bootstrap/js/src/tab";

 /**
@@ -54,6 +54,7 @@ class TabRememberHelper {
        const first_element = merged[0] ?? null;
        if(first_element) {
            this.revealElementOnTab(first_element);
+            this.revealElementInCollapse(first_element);
        }
    }

@@ -62,7 +63,27 @@ class TabRememberHelper {
     * @param event
     */
    onInvalid(event) {
+        this.revealElementInCollapse(event.target);
        this.revealElementOnTab(event.target);
+        this.revealElementInDropdown(event.target);
+    }
+
+    revealElementInCollapse(element) {
+        let collapse = element.closest('.collapse');
+
+        if(collapse) {
+            let bs_collapse = Collapse.getOrCreateInstance(collapse);
+            bs_collapse.show();
+        }
+    }
+
+    revealElementInDropdown(element) {
+        let dropdown = element.closest('.dropdown-menu');
+
+        if(dropdown) {
+            let bs_dropdown = Dropdown.getOrCreateInstance(dropdown);
+            bs_dropdown.show();
+        }
    }

    revealElementOnTab(element) {
--- a/assets/js/webauthn_tfa.js
+++ b/assets/js/webauthn_tfa.js
@@ -21,8 +21,13 @@

 class WebauthnTFA {

-// Decodes a Base64Url string
-    _base64UrlDecode = (input) => {
+    _b64UrlSafeEncode = (str) => {
+        const b64 = btoa(str);
+        return b64.replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, '');
+    }
+
+    // Decodes a Base64Url string
+    _b64UrlSafeDecode = (input) => {
        input = input
            .replace(/-/g, '+')
            .replace(/_/g, '/');
@@ -39,13 +44,16 @@ class WebauthnTFA {
    };

    // Converts an array of bytes into a Base64Url string
-    _arrayToBase64String = (a) => btoa(String.fromCharCode(...a));
+    _arrayToBase64String = (a) => {
+        const str = String.fromCharCode(...a);
+        return this._b64UrlSafeEncode(str);
+    }

    // Prepares the public key options object returned by the Webauthn Framework
    _preparePublicKeyOptions = publicKey => {
        //Convert challenge from Base64Url string to Uint8Array
        publicKey.challenge = Uint8Array.from(
-            this._base64UrlDecode(publicKey.challenge),
+            this._b64UrlSafeDecode(publicKey.challenge),
            c => c.charCodeAt(0)
        );

@@ -67,7 +75,7 @@ class WebauthnTFA {
                    return {
                        ...data,
                        id: Uint8Array.from(
-                            this._base64UrlDecode(data.id),
+                            this._b64UrlSafeDecode(data.id),
                            c => c.charCodeAt(0)
                        ),
                    };
@@ -81,7 +89,7 @@ class WebauthnTFA {
                    return {
                        ...data,
                        id: Uint8Array.from(
-                            this._base64UrlDecode(data.id),
+                            this._b64UrlSafeDecode(data.id),
                            c => c.charCodeAt(0)
                        ),
                    };
--- a/assets/translator.js
+++ b/assets/translator.js
@@ -0,0 +1,16 @@
+import { localeFallbacks } from '../var/translations/configuration';
+import { trans, getLocale, setLocale, setLocaleFallbacks } from '@symfony/ux-translator';
+/*
+ * This file is part of the Symfony UX Translator package.
+ *
+ * If folder "../var/translations" does not exist, or some translations are missing,
+ * you must warmup your Symfony cache to refresh JavaScript translations.
+ *
+ * If you use TypeScript, you can rename this file to "translator.ts" to take advantage of types checking.
+ */
+
+setLocaleFallbacks(localeFallbacks);
+
+export { trans };
+
+export * from '../var/translations';
--- a/bin/console
+++ b/bin/console
@@ -4,6 +4,13 @@
 use App\Kernel;
 use Symfony\Bundle\FrameworkBundle\Console\Application;

+//Increase xdebug.max_nesting_level to 1000 if required (see issue #411)
+//Check if xdebug extension is active, and xdebug.max_nesting_level is set to 256 or lower
+if (extension_loaded('xdebug') && ((int) ini_get('xdebug.max_nesting_level')) <= 256) {
+    //Increase xdebug.max_nesting_level to 1000
+    ini_set('xdebug.max_nesting_level', '1000');
+}
+
 if (!is_file(dirname(__DIR__).'/vendor/autoload_runtime.php')) {
    throw new LogicException('Symfony Runtime is missing. Try running "composer require symfony/runtime".');
 }
--- a/codecov.yml
+++ b/codecov.yml
@@ -5,4 +5,5 @@ coverage:
  status:
    project:
      default:
-        threshold: 5%
+        threshold: 10%
+        target: 40%
--- a/composer.json
+++ b/composer.json
@@ -2,71 +2,83 @@
    "type": "project",
    "license": "AGPL-3.0-or-later",
    "require": {
-        "php": "^7.4 || ^8.0",
+        "php": "^8.1",
        "ext-ctype": "*",
+        "ext-dom": "*",
        "ext-gd": "*",
        "ext-iconv": "*",
        "ext-intl": "*",
        "ext-json": "*",
        "ext-mbstring": "*",
+        "api-platform/core": "^3.1",
        "beberlei/doctrineextensions": "^1.2",
-        "brick/math": "^0.8.15",
-        "composer/package-versions-deprecated": "1.11.99.4",
-        "doctrine/annotations": "^1.6",
+        "brick/math": "^0.11.0",
+        "composer/package-versions-deprecated": "^1.11.99.5",
+        "doctrine/annotations": "1.14.3",
+        "doctrine/data-fixtures": "^1.6.6",
        "doctrine/dbal": "^3.4.6",
        "doctrine/doctrine-bundle": "^2.0",
        "doctrine/doctrine-migrations-bundle": "^3.0",
-        "doctrine/orm": "^2.9",
-        "dompdf/dompdf": "^2.0.0",
+        "doctrine/orm": "^2.16",
+        "dompdf/dompdf": "dev-master#87bea32efe0b0db309e1d31537201f64d5508280 as v2.0.3",
        "erusev/parsedown": "^1.7",
        "florianv/swap": "^4.0",
        "florianv/swap-bundle": "dev-master",
        "gregwar/captcha-bundle": "^2.1.0",
-        "jbtronics/2fa-webauthn": "^1.0.0",
+        "jbtronics/2fa-webauthn": "^v2.0.0",
+        "jbtronics/dompdf-font-loader-bundle": "^1.0.0",
+        "jfcherng/php-diff": "^6.14",
+        "knpuniversity/oauth2-client-bundle": "^2.15",
+        "league/csv": "^9.8.0",
        "league/html-to-markdown": "^5.0.1",
        "liip/imagine-bundle": "^2.2",
+        "nbgrp/onelogin-saml-bundle": "^1.3",
        "nelexa/zip": "^4.0",
+        "nelmio/cors-bundle": "^2.3",
        "nelmio/security-bundle": "^3.0",
        "nyholm/psr7": "^1.1",
        "ocramius/proxy-manager": "2.2.*",
-        "omines/datatables-bundle": "^0.5.0",
-        "php-translation/symfony-bundle": "^0.12.0",
+        "omines/datatables-bundle": "^0.7.2",
+        "part-db/label-fonts": "^1.0",
+        "php-translation/symfony-bundle": "^0.14.0",
        "phpdocumentor/reflection-docblock": "^5.2",
+        "phpstan/phpdoc-parser": "^1.23",
        "s9e/text-formatter": "^2.1",
-        "scheb/2fa-backup-code": "^5.13",
-        "scheb/2fa-bundle": "^5.13",
-        "scheb/2fa-google-authenticator": "^5.13",
-        "scheb/2fa-trusted-device": "^5.13",
-        "sensio/framework-extra-bundle": "^6.1.1",
+        "scheb/2fa-backup-code": "^6.8.0",
+        "scheb/2fa-bundle": "^6.8.0",
+        "scheb/2fa-google-authenticator": "^6.8.0",
+        "scheb/2fa-trusted-device": "^6.8.0",
        "shivas/versioning-bundle": "^4.0",
-        "spatie/db-dumper": "^2.21",
+        "spatie/db-dumper": "^3.3.1",
        "symfony/apache-pack": "^1.0",
-        "symfony/asset": "5.4.*",
-        "symfony/console": "5.4.*",
-        "symfony/dotenv": "5.4.*",
-        "symfony/expression-language": "5.4.*",
-        "symfony/flex": "^1.1",
-        "symfony/form": "5.4.*",
-        "symfony/framework-bundle": "5.4.*",
-        "symfony/http-client": "5.4.*",
-        "symfony/http-kernel": "5.4.*",
-        "symfony/mailer": "5.4.*",
+        "symfony/asset": "6.3.*",
+        "symfony/console": "6.3.*",
+        "symfony/dotenv": "6.3.*",
+        "symfony/expression-language": "6.3.*",
+        "symfony/flex": "^v2.3.1",
+        "symfony/form": "6.3.*",
+        "symfony/framework-bundle": "6.3.*",
+        "symfony/http-client": "6.3.*",
+        "symfony/http-kernel": "6.3.*",
+        "symfony/mailer": "6.3.*",
        "symfony/monolog-bundle": "^3.1",
-        "symfony/process": "5.4.*",
-        "symfony/property-access": "5.4.*",
-        "symfony/property-info": "5.4.*",
-        "symfony/proxy-manager-bridge": "5.4.*",
-        "symfony/rate-limiter": "5.4.*",
-        "symfony/runtime": "5.4.*",
-        "symfony/security-bundle": "5.4.*",
-        "symfony/serializer": "5.4.*",
-        "symfony/translation": "5.4.*",
-        "symfony/twig-bundle": "5.4.*",
+        "symfony/process": "6.3.*",
+        "symfony/property-access": "6.3.*",
+        "symfony/property-info": "6.3.*",
+        "symfony/proxy-manager-bridge": "6.3.*",
+        "symfony/rate-limiter": "6.3.*",
+        "symfony/runtime": "6.3.*",
+        "symfony/security-bundle": "6.3.*",
+        "symfony/serializer": "6.3.*",
+        "symfony/string": "6.3.*",
+        "symfony/translation": "6.3.*",
+        "symfony/twig-bundle": "6.3.*",
+        "symfony/ux-translator": "^2.10",
        "symfony/ux-turbo": "^2.0",
-        "symfony/validator": "5.4.*",
-        "symfony/web-link": "5.4.*",
-        "symfony/webpack-encore-bundle": "^1.1",
-        "symfony/yaml": "5.4.*",
+        "symfony/validator": "6.3.*",
+        "symfony/web-link": "6.3.*",
+        "symfony/webpack-encore-bundle": "^v2.0.1",
+        "symfony/yaml": "6.3.*",
        "tecnickcom/tc-lib-barcode": "^1.15",
        "twig/cssinliner-extra": "^3.0",
        "twig/extra-bundle": "^3.0",
@@ -74,7 +86,7 @@
        "twig/inky-extra": "^3.0",
        "twig/intl-extra": "^3.0",
        "twig/markdown-extra": "^3.0",
-        "web-auth/webauthn-symfony-bundle": "^3.3",
+        "web-auth/webauthn-symfony-bundle": "^4.0.0",
        "webmozart/assert": "^1.4"
    },
    "require-dev": {
@@ -84,17 +96,20 @@
        "phpstan/extension-installer": "^1.0",
        "phpstan/phpstan": "^1.4.7",
        "phpstan/phpstan-doctrine": "^1.2.11",
+        "phpstan/phpstan-strict-rules": "^1.5",
        "phpstan/phpstan-symfony": "^1.1.7",
+        "phpunit/phpunit": "^9.5",
        "psalm/plugin-symfony": "^v5.0.1",
+        "rector/rector": "^0.18.0",
        "roave/security-advisories": "dev-latest",
-        "symfony/browser-kit": "^5.2",
-        "symfony/css-selector": "^5.2",
-        "symfony/debug-bundle": "^5.2",
+        "symfony/browser-kit": "6.3.*",
+        "symfony/css-selector": "6.3.*",
+        "symfony/debug-bundle": "6.3.*",
        "symfony/maker-bundle": "^1.13",
-        "symfony/phpunit-bridge": "5.4.*",
-        "symfony/stopwatch": "^5.2",
-        "symfony/web-profiler-bundle": "^5.2",
-        "symplify/easy-coding-standard": "^11.0",
+        "symfony/phpunit-bridge": "6.3.*",
+        "symfony/stopwatch": "6.3.*",
+        "symfony/web-profiler-bundle": "6.3.*",
+        "symplify/easy-coding-standard": "^12.0",
        "vimeo/psalm": "^5.6.0"
    },
    "suggest": {
@@ -106,7 +121,7 @@
            "*": "dist"
        },
        "platform": {
-            "php": "7.4.0"
+            "php": "8.1.0"
        },
        "sort-packages": true,
        "allow-plugins": {
@@ -138,7 +153,7 @@
        "post-update-cmd": [
            "@auto-scripts"
        ],
-        "phpstan": "vendor/bin/phpstan analyse src --level 2 --memory-limit 1G"
+        "phpstan": "vendor/bin/phpstan analyse src --level 5 --memory-limit 1G"
    },
    "conflict": {
        "symfony/symfony": "*"
@@ -146,9 +161,7 @@
    "extra": {
        "symfony": {
            "allow-contrib": false,
-            "require": "5.4.*"
+            "require": "6.3.*"
        }
-    },
-    "repositories": [
-    ]
+    }
 }
--- a/composer.lock
+++ b/composer.lock
--- a/config/bootstrap.php
+++ b/config/bootstrap.php
@@ -1,23 +0,0 @@
-<?php
-
-use Symfony\Component\Dotenv\Dotenv;
-
-require dirname(__DIR__).'/vendor/autoload.php';
-
-if (!class_exists(Dotenv::class)) {
-    throw new LogicException('Please run "composer require symfony/dotenv" to load the ".env" files configuring the application.');
-}
-
-// Load cached env vars if the .env.local.php file exists
-// Run "composer dump-env prod" to create it (requires symfony/flex >=1.2)
-if (is_array($env = @include dirname(__DIR__).'/.env.local.php') && (!isset($env['APP_ENV']) || ($_SERVER['APP_ENV'] ?? $_ENV['APP_ENV'] ?? $env['APP_ENV']) === $env['APP_ENV'])) {
-    (new Dotenv(false))->populate($env);
-} else {
-    // load all the .env files
-    (new Dotenv(false))->loadEnv(dirname(__DIR__).'/.env');
-}
-
-$_SERVER += $_ENV;
-$_SERVER['APP_ENV'] = $_ENV['APP_ENV'] = ($_SERVER['APP_ENV'] ?? $_ENV['APP_ENV'] ?? null) ?: 'dev';
-$_SERVER['APP_DEBUG'] = $_SERVER['APP_DEBUG'] ?? $_ENV['APP_DEBUG'] ?? 'prod' !== $_SERVER['APP_ENV'];
-$_SERVER['APP_DEBUG'] = $_ENV['APP_DEBUG'] = (int) $_SERVER['APP_DEBUG'] || filter_var($_SERVER['APP_DEBUG'], FILTER_VALIDATE_BOOLEAN) ? '1' : '0';
--- a/config/bundles.php
+++ b/config/bundles.php
@@ -2,7 +2,6 @@

 return [
    Symfony\Bundle\FrameworkBundle\FrameworkBundle::class => ['all' => true],
-    Sensio\Bundle\FrameworkExtraBundle\SensioFrameworkExtraBundle::class => ['all' => true],
    Doctrine\Bundle\DoctrineBundle\DoctrineBundle::class => ['all' => true],
    Doctrine\Bundle\MigrationsBundle\DoctrineMigrationsBundle::class => ['all' => true],
    Symfony\Bundle\SecurityBundle\SecurityBundle::class => ['all' => true],
@@ -27,4 +26,11 @@ return [
    Scheb\TwoFactorBundle\SchebTwoFactorBundle::class => ['all' => true],
    SpomkyLabs\CborBundle\SpomkyLabsCborBundle::class => ['all' => true],
    Webauthn\Bundle\WebauthnBundle::class => ['all' => true],
+    Nbgrp\OneloginSamlBundle\NbgrpOneloginSamlBundle::class => ['all' => true],
+    Symfony\UX\StimulusBundle\StimulusBundle::class => ['all' => true],
+    Symfony\UX\Translator\UxTranslatorBundle::class => ['all' => true],
+    Jbtronics\DompdfFontLoaderBundle\DompdfFontLoaderBundle::class => ['all' => true],
+    KnpU\OAuth2ClientBundle\KnpUOAuth2ClientBundle::class => ['all' => true],
+    Nelmio\CorsBundle\NelmioCorsBundle::class => ['all' => true],
+    ApiPlatform\Symfony\Bundle\ApiPlatformBundle::class => ['all' => true],
 ];
--- a/config/packages/api_platform.yaml
+++ b/config/packages/api_platform.yaml
@@ -0,0 +1,28 @@
+api_platform:
+
+  title: 'Part-DB API'
+  description: 'API of Part-DB'
+
+  version: '0.1.0'
+
+#  eager_loading:
+#    max_joins: 100
+
+  keep_legacy_inflector: false
+
+  swagger:
+    api_keys:
+      # overridden in OpenApiFactoryDecorator
+      access_token:
+        name: Authorization
+        type: header
+
+  defaults:
+    # TODO: Change this to true later. In the moment it is false, because we use the session in somewhere
+    stateless: false
+    cache_headers:
+        vary: ['Content-Type', 'Authorization', 'Origin']
+    extra_properties:
+        standard_put: true
+
+    pagination_client_items_per_page: true # Allow clients to override the default items per page
--- a/config/packages/cache.yaml
+++ b/config/packages/cache.yaml
@@ -20,3 +20,6 @@ framework:
            tree.cache:
                adapter: cache.app
                tags: true
+
+            info_provider.cache:
+                adapter: cache.app
--- a/config/packages/datatables.yaml
+++ b/config/packages/datatables.yaml
@@ -9,7 +9,7 @@ datatables:
    # Set options, as documented at https://datatables.net/reference/option/
    options:
        lengthMenu : [[10, 25, 50, 100, -1], [10, 25, 50, 100, "All"]]
-        pageLength: 50
+        pageLength: '%partdb.table.default_page_size%'   # Set to -1 to disable pagination (i.e. show all rows) by default
        #dom: "<'row' <'col-sm-12' tr>><'row' <'col-sm-6'l><'col-sm-6 text-right'pif>>"
        dom: "  <'row'<'col mb-2 input-group' B l> <'col mb-2' <'pull-end' p>>>
                        <'card'
--- a/config/packages/doctrine.yaml
+++ b/config/packages/doctrine.yaml
@@ -12,6 +12,8 @@ doctrine:
                class: App\Doctrine\Types\UTCDateTimeType
            big_decimal:
                class: App\Doctrine\Types\BigDecimalType
+            tinyint:
+                class: App\Doctrine\Types\TinyIntType
        
        schema_filter: ~^(?!internal)~
        # Only enable this when needed
@@ -19,12 +21,15 @@ doctrine:

    orm:
        auto_generate_proxy_classes: true
+        enable_lazy_ghost_objects: true
+        report_fields_where_declared: true
+        validate_xml_mapping: true
        naming_strategy: doctrine.orm.naming_strategy.underscore_number_aware
        auto_mapping: true
        mappings:
            App:
                is_bundle: false
-                type: annotation
+                type: attribute
                dir: '%kernel.project_dir%/src/Entity'
                prefix: 'App\Entity'
                alias: App
@@ -33,6 +38,8 @@ doctrine:
            string_functions:
                regexp: DoctrineExtensions\Query\Mysql\Regexp
                ifnull: DoctrineExtensions\Query\Mysql\IfNull
+                field:  DoctrineExtensions\Query\Mysql\Field
+                field2: App\Doctrine\Functions\Field2

 when@test:
    doctrine:
--- a/config/packages/dompdf_font_loader.yaml
+++ b/config/packages/dompdf_font_loader.yaml
@@ -0,0 +1,11 @@
+dompdf_font_loader:
+  auto_install: true
+
+  fonts:
+    unifont:
+      normal: "%kernel.project_dir%/vendor/part-db/label-fonts/fonts/unifont.ttf"
+
+  # Enable autodiscovery of fonts, so that font installation is much easier
+  autodiscovery:
+    paths:
+      - "%kernel.project_dir%/assets/fonts/dompdf"
--- a/config/packages/framework.yaml
+++ b/config/packages/framework.yaml
@@ -2,8 +2,12 @@
 framework:
    secret: '%env(APP_SECRET)%'
    csrf_protection: true
+    handle_all_throwables: true

-    # Must be set to true, to enable the change of HTTP methhod via _method parameter, otherwise our delete routines does not work anymore
+    # We set this header by ourself, so we can disable it here
+    disallow_search_engine_index: false
+
+    # Must be set to true, to enable the change of HTTP method via _method parameter, otherwise our delete routines does not work anymore
    # TODO: Rework delete routines to work without _method parameter as it is not recommended anymore (see https://github.com/symfony/symfony/issues/45278)
    http_method_override: true

@@ -29,9 +33,6 @@ framework:
    php_errors:
        log: true

-    form:
-        legacy_error_messages: false    # Enable to use the new Form component validation messages
-
 when@test:
    framework:
        test: true
--- a/config/packages/http_client.yaml
+++ b/config/packages/http_client.yaml
@@ -0,0 +1,5 @@
+framework:
+  http_client:
+    default_options:
+      headers:
+        'User-Agent': 'Part-DB'
--- a/config/packages/http_discovery.yaml
+++ b/config/packages/http_discovery.yaml
@@ -0,0 +1,10 @@
+services:
+    Psr\Http\Message\RequestFactoryInterface: '@http_discovery.psr17_factory'
+    Psr\Http\Message\ResponseFactoryInterface: '@http_discovery.psr17_factory'
+    Psr\Http\Message\ServerRequestFactoryInterface: '@http_discovery.psr17_factory'
+    Psr\Http\Message\StreamFactoryInterface: '@http_discovery.psr17_factory'
+    Psr\Http\Message\UploadedFileFactoryInterface: '@http_discovery.psr17_factory'
+    Psr\Http\Message\UriFactoryInterface: '@http_discovery.psr17_factory'
+
+    http_discovery.psr17_factory:
+        class: Http\Discovery\Psr17Factory
--- a/config/packages/knpu_oauth2_client.yaml
+++ b/config/packages/knpu_oauth2_client.yaml
@@ -0,0 +1,38 @@
+knpu_oauth2_client:
+    clients:
+        # configure your clients as described here: https://github.com/knpuniversity/oauth2-client-bundle#configuration
+
+        ip_digikey_oauth:
+            type: generic
+            provider_class: '\League\OAuth2\Client\Provider\GenericProvider'
+
+            client_id: '%env(PROVIDER_DIGIKEY_CLIENT_ID)%'
+            client_secret: '%env(PROVIDER_DIGIKEY_SECRET)%'
+
+            redirect_route: 'oauth_client_check'
+            redirect_params: {name: 'ip_digikey_oauth'}
+
+            provider_options:
+                urlAuthorize: 'https://api.digikey.com/v1/oauth2/authorize'
+                urlAccessToken: 'https://api.digikey.com/v1/oauth2/token'
+                urlResourceOwnerDetails: ''
+
+                # Sandbox
+                #urlAuthorize: 'https://sandbox-api.digikey.com/v1/oauth2/authorize'
+                #urlAccessToken: 'https://sandbox-api.digikey.com/v1/oauth2/token'
+                #urlResourceOwnerDetails: ''
+
+        ip_octopart_oauth:
+            type: generic
+            provider_class: '\League\OAuth2\Client\Provider\GenericProvider'
+
+            client_id: '%env(PROVIDER_OCTOPART_CLIENT_ID)%'
+            client_secret: '%env(PROVIDER_OCTOPART_SECRET)%'
+
+            redirect_route: 'oauth_client_check'
+            redirect_params: { name: 'ip_octopart_oauth' }
+
+            provider_options:
+                urlAuthorize: 'https://identity.nexar.com/connect/authorize'
+                urlAccessToken: 'https://identity.nexar.com/connect/token'
+                urlResourceOwnerDetails: ''
--- a/config/packages/liip_imagine.yaml
+++ b/config/packages/liip_imagine.yaml
@@ -3,9 +3,15 @@ liip_imagine:
    # valid drivers options include "gd" or "gmagick" or "imagick"
    driver: "gd"

+    twig:
+        mode: lazy
+
+    default_filter_set_settings:
+        format: webp
+
    filter_sets:
        thumbnail_sm:
-            quality: 90
+            quality: 65
            filters:
                thumbnail:
                    size: [150, 150]
@@ -20,7 +26,7 @@ liip_imagine:
                    mode: inset

        thumbnail_xs:
-            quality: 90
+            quality: 60
            filters:
                thumbnail:
                    size: [50, 50]
--- a/config/packages/lock.yaml
+++ b/config/packages/lock.yaml
@@ -1,2 +0,0 @@
-framework:
-    lock: '%env(LOCK_DSN)%'
--- a/config/packages/nbgrp_onelogin_saml.yaml
+++ b/config/packages/nbgrp_onelogin_saml.yaml
@@ -0,0 +1,69 @@
+# See https://github.com/SAML-Toolkits/php-saml for more information about the SAML settings
+
+# Define a parameter here, so we can access it later in the default fallback
+parameters:
+  saml.sp.privateKey: '%env(string:SAML_SP_PRIVATE_KEY)%'
+
+nbgrp_onelogin_saml:
+  use_proxy_vars: '%env(bool:SAML_BEHIND_PROXY)%'
+  onelogin_settings:
+    default:
+      # Basic settings
+      idp:
+        entityId: '%env(string:SAML_IDP_ENTITY_ID)%'
+        singleSignOnService:
+          url: '%env(string:SAML_IDP_SINGLE_SIGN_ON_SERVICE)%'
+          binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'
+        singleLogoutService:
+          url: '%env(string:SAML_IDP_SINGLE_LOGOUT_SERVICE)%'
+          binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'
+        x509cert: '%env(string:SAML_IDP_X509_CERT)%'
+      sp:
+        entityId: '%env(string:SAML_SP_ENTITY_ID)%'
+        assertionConsumerService:
+          url: '%partdb.default_uri%saml/acs'
+          binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST'
+        singleLogoutService:
+          url: '%partdb.default_uri%logout'
+          binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'
+        x509cert: '%env(string:SAML_SP_X509_CERT)%'
+        # Before the env variable was wrongly named "SAMLP_SP_PRIVATE_KEY".
+        # For compatibility reasons we keep it and only fallback to the new name if the old one is not set. This may be removed in the future.
+        privateKey: '%env(string:default:saml.sp.privateKey:string:SAMLP_SP_PRIVATE_KEY)%'
+
+      # Optional settings
+      #baseurl: 'http://myapp.com'
+      strict: true
+      debug: false
+      security:
+         allowRepeatAttributeName: true
+      #  nameIdEncrypted: false
+         authnRequestsSigned: true
+         logoutRequestSigned: true
+         logoutResponseSigned: true
+      #  wantMessagesSigned: false
+      #   wantAssertionsSigned: true
+      #  wantNameIdEncrypted: false
+      #  requestedAuthnContext: true
+      #  signMetadata: false
+      #  wantXMLValidation: true
+      #  relaxDestinationValidation: false
+      #  destinationStrictlyMatches: true
+      #  rejectUnsolicitedResponsesWithInResponseTo: false
+      #  signatureAlgorithm: 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'
+      #  digestAlgorithm: 'http://www.w3.org/2001/04/xmlenc#sha256'
+      #contactPerson:
+      #  technical:
+      #    givenName: 'Tech User'
+      #    emailAddress: 'techuser@example.com'
+      #  support:
+      #    givenName: 'Support User'
+      #    emailAddress: 'supportuser@example.com'
+      #  administrative:
+      #    givenName: 'Administrative User'
+      #    emailAddress: 'administrativeuser@example.com'
+      #organization:
+      #  en:
+      #    name: 'Part-DB-name'
+      #    displayname: 'Displayname'
+      #    url: 'http://example.com'
--- a/config/packages/nelmio_cors.yaml
+++ b/config/packages/nelmio_cors.yaml
@@ -0,0 +1,10 @@
+nelmio_cors:
+    defaults:
+        origin_regex: true
+        allow_origin: ['%env(CORS_ALLOW_ORIGIN)%']
+        allow_methods: ['GET', 'OPTIONS', 'POST', 'PUT', 'PATCH', 'DELETE']
+        allow_headers: ['Content-Type', 'Authorization']
+        expose_headers: ['Link']
+        max_age: 3600
+    paths:
+        '^/': null
--- a/config/packages/nelmio_security.yaml
+++ b/config/packages/nelmio_security.yaml
@@ -12,6 +12,13 @@ nelmio_security:
    external_redirects:
        abort: true
        log: true
+        allow_list:
+            # Whitelist the domain of the SAML IDP, so we can redirect to it during the SAML login process
+            - '%env(string:key:host:url:SAML_IDP_SINGLE_SIGN_ON_SERVICE)%'
+
+            # Whitelist the info provider APIs (OAuth redirects)
+            - 'digikey.com'
+            - 'nexar.com'

    # forces Microsoft's XSS-Protection with
    # its block mode
--- a/config/packages/routing.yaml
+++ b/config/packages/routing.yaml
@@ -4,7 +4,7 @@ framework:

        # Configure how to generate URLs in non-HTTP contexts, such as CLI commands.
        # See https://symfony.com/doc/current/routing.html#generating-urls-in-commands
-        #default_uri: http://localhost
+        default_uri: '%env(DEFAULT_URI)%'

 when@prod:
    framework:
--- a/config/packages/scheb_2fa.yaml
+++ b/config/packages/scheb_2fa.yaml
@@ -1,10 +1,10 @@
-# See the configuration reference at https://symfony.com/bundles/SchebTwoFactorBundle/5.x/configuration.html
+# See the configuration reference at https://symfony.com/bundles/SchebTwoFactorBundle/6.x/configuration.html
 scheb_two_factor:

    google:
        enabled: true                   # If Google Authenticator should be enabled, default false
-        server_name: '%partdb.title%'   # Server name used in QR code
-        issuer: 'Part-DB'               # Issuer name used in QR code
+        server_name: '$$DOMAIN$$'       # This field is replaced by the domain name of the server in DecoratedGoogleAuthenticator
+        issuer: '%partdb.title%'        # Issuer name used in QR code
        digits: 6                       # Number of digits in authentication code
        window: 1                       # How many codes before/after the current one would be accepted as valid
        template: security/2fa_form.html.twig
@@ -23,6 +23,6 @@ scheb_two_factor:
    security_tokens:
        - Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken
        # If you're using guard-based authentication, you have to use this one:
-        # - Symfony\Component\Security\Guard\Token\PostAuthenticationGuardToken
+        # - Symfony\Component\Security\Http\Authenticator\Token\PostAuthenticationToken
        # If you're using authenticator-based security (introduced in Symfony 5.1), you have to use this one:
-        # - Symfony\Component\Security\Http\Authenticator\Token\PostAuthenticationToken
+        - Symfony\Component\Security\Http\Authenticator\Token\PostAuthenticationToken
--- a/config/packages/security.yaml
+++ b/config/packages/security.yaml
@@ -1,10 +1,8 @@
 security:
-    enable_authenticator_manager: true
-
+    # https://symfony.com/doc/current/security.html#registering-the-user-hashing-passwords
    password_hashers:
        Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto'

-    # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
    providers:
        # used to reload user from session & other features (e.g. switch_user)
        app_user_provider:
@@ -12,6 +10,7 @@ security:
                class: App\Entity\UserSystem\User
                property: name

+
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
@@ -20,6 +19,13 @@ security:
            provider: app_user_provider
            lazy: true
            user_checker: App\Security\UserChecker
+            entry_point: form_login
+
+            # Enable user impersonation
+            switch_user: { role: CAN_SWITCH_USER }
+
+            custom_authenticators:
+                - App\Security\ApiTokenAuthenticator

            two_factor:
                auth_form_path: 2fa_login
@@ -29,6 +35,14 @@ security:
            login_throttling:
                max_attempts: 5 # per minute

+            saml:
+                use_referer: true
+                user_factory: saml_user_factory
+                persist_user: true
+                check_path: saml_acs
+                login_path: saml_login
+                failure_path: login
+
            # https://symfony.com/doc/current/security/form_login_setup.html
            form_login:
                login_path: login
@@ -55,3 +69,5 @@ security:
        # We get into trouble with the U2F authentication, if the calls to the trees trigger an 2FA login
        # This settings should not do much harm, because a read only access to show available data structures is not really critical
        - { path: "^/\\w{2}/tree", role: PUBLIC_ACCESS }
+        # Restrict access to API to users, which has the API access permission
+        - { path: "^/api", allow_if: 'is_granted("@api.access_api") and is_authenticated()' }
--- a/config/packages/sensio_framework_extra.yaml
+++ b/config/packages/sensio_framework_extra.yaml
@@ -1,3 +0,0 @@
-sensio_framework_extra:
-    router:
-        annotations: false
--- a/config/packages/test/framework.yaml
+++ b/config/packages/test/framework.yaml
@@ -1,4 +1,2 @@
 framework:
    test: true
-    session:
-        storage_id: session.storage.mock_file
--- a/config/packages/twig.yaml
+++ b/config/packages/twig.yaml
@@ -19,6 +19,8 @@ twig:
        sidebar_tree_updater: '@App\Services\Trees\SidebarTreeUpdater'
        avatar_helper: '@App\Services\UserSystem\UserAvatarHelper'
        available_themes: '%partdb.available_themes%'
+        saml_enabled: '%partdb.saml.enabled%'
+        part_preview_generator: '@App\Services\Attachments\PartPreviewGenerator'

 when@test:
    twig:
--- a/config/packages/uid.yaml
+++ b/config/packages/uid.yaml
@@ -0,0 +1,4 @@
+framework:
+    uid:
+        default_uuid_version: 7
+        time_based_uuid_version: 7
--- a/config/packages/ux_translator.yaml
+++ b/config/packages/ux_translator.yaml
@@ -0,0 +1,3 @@
+ux_translator:
+    # The directory where the JavaScript translations are dumped
+    dump_directory: '%kernel.project_dir%/var/translations'
--- a/config/packages/web_profiler.yaml
+++ b/config/packages/web_profiler.yaml
@@ -4,7 +4,9 @@ when@dev:
        intercept_redirects: false

    framework:
-        profiler: { only_exceptions: false }
+        profiler:
+            only_exceptions: false
+            collect_serializer_data: true

 when@test:
    web_profiler:
--- a/config/parameters.yaml
+++ b/config/parameters.yaml
@@ -11,15 +11,20 @@ parameters:
  partdb.banner: '%env(trim:string:BANNER)%'                  # The info text shown in the homepage, if empty config/banner.md is used
  partdb.default_currency: '%env(string:BASE_CURRENCY)%'      # The currency that is used inside the DB (and is assumed when no currency is set). This can not be changed later, so be sure to set it the currency used in your country
  partdb.global_theme: ''                                     # The theme to use globally (see public/build/themes/ for choices, use name without .css). Set to '' for default bootstrap theme
-  partdb.locale_menu: ['en', 'de', 'fr', 'ru', 'ja']          # The languages that are shown in user drop down menu
+  partdb.locale_menu: ['en', 'de', 'it', 'fr', 'ru', 'ja']    # The languages that are shown in user drop down menu
+  partdb.enforce_change_comments_for: '%env(csv:ENFORCE_CHANGE_COMMENTS_FOR)%' # The actions for which a change comment is required (e.g. "part_edit", "part_create", etc.). If this is empty, change comments are not required at all.
+
+  partdb.default_uri: '%env(string:DEFAULT_URI)%'             # The default URI to use for the Part-DB instance (e.g. https://part-db.example.com/). This is used for generating links in emails

  ######################################################################################################################
  # Users and Privacy
  ######################################################################################################################
-  partdb.gpdr_compliance: true                                  # If this option is activated, IP addresses are anonymized to be GPDR compliant
+  partdb.gdpr_compliance: true                                  # If this option is activated, IP addresses are anonymized to be GDPR compliant
  partdb.users.use_gravatar: '%env(bool:USE_GRAVATAR)%'         # Set to false, if no Gravatar images should be used for user profiles.
  partdb.users.email_pw_reset: '%env(bool:ALLOW_EMAIL_PW_RESET)%' # Config if users are able, to reset their password by email. By default this enabled, when a mail server is configured.

+  partdb.check_for_updates: '%env(bool:CHECK_FOR_UPDATES)' # Set to false, if Part-DB should not contact the GitHub API to check for updates
+
  ######################################################################################################################
  # Mail settings
  ######################################################################################################################
@@ -29,9 +34,10 @@ parameters:
  ######################################################################################################################
  # Attachments and files
  ######################################################################################################################
-  partdb.attachments.allow_downloads: '%env(bool:ALLOW_ATTACHMENT_DOWNLOADS)%'  # Allow users to download attachments to server. Warning: This can be dangerous, because via that feature attackers maybe can access ressources on your intranet!
-  partdb.attachments.dir.media: 'public/media/'               # The folder where uploaded attachment files are saved (must be in public folder)
-  partdb.attachments.dir.secure: 'uploads/'                   # The folder where secured attachment files are saved (must not be in public/)
+  partdb.attachments.allow_downloads: '%env(bool:ALLOW_ATTACHMENT_DOWNLOADS)%'    # Allow users to download attachments to server. Warning: This can be dangerous, because via that feature attackers maybe can access ressources on your intranet!
+  partdb.attachments.dir.media: 'public/media/'                                   # The folder where uploaded attachment files are saved (must be in public folder)
+  partdb.attachments.dir.secure: 'uploads/'                                       # The folder where secured attachment files are saved (must not be in public/)
+  partdb.attachments.max_file_size: '%env(string:MAX_ATTACHMENT_FILE_SIZE)%'      # The maximum size of an attachment file (in bytes, you can use M for megabytes and G for gigabytes)

  ######################################################################################################################
  # Error pages
@@ -39,6 +45,17 @@ parameters:
  partdb.error_pages.admin_email: '%env(trim:string:ERROR_PAGE_ADMIN_EMAIL)%'     # You can set an email address here, which is shown on an error page, how to contact an administrator
  partdb.error_pages.show_help: '%env(trim:string:ERROR_PAGE_SHOW_HELP)%'         # If this is set to true, solutions to common problems are shown on error pages. Disable this, if you do not want your users to see them...

+  ######################################################################################################################
+  # SAML
+  ######################################################################################################################
+  partdb.saml.enabled: '%env(bool:SAML_ENABLED)%'              # If this is set to true, SAML authentication is enabled
+
+  ######################################################################################################################
+  # Table settings
+  ######################################################################################################################
+  partdb.table.default_page_size: '%env(int:TABLE_DEFAULT_PAGE_SIZE)%'               # The default number of entries shown per page in tables
+  partdb.table.parts.default_columns: '%env(trim:string:TABLE_PARTS_DEFAULT_COLUMNS)%' # The default columns in part tables and their order
+
  ######################################################################################################################
  # Sidebar
  ######################################################################################################################
@@ -95,7 +112,9 @@ parameters:
  env(INSTANCE_NAME): 'Part-DB'
  env(BASE_CURRENCY): 'EUR'
  env(USE_GRAVATAR): '0'
-  env(ALLOW_ATTACHMENT_DOWNLOADS): 0
+  env(MAX_ATTACHMENT_FILE_SIZE): '100M'
+
+  env(ENFORCE_CHANGE_COMMENTS_FOR): ''

  env(ERROR_PAGE_ADMIN_EMAIL): ''
  env(ERROR_PAGE_SHOW_HELP): 1
@@ -108,5 +127,17 @@ parameters:
  env(EMAIL_SENDER_NAME): 'Part-DB Mailer'
  env(ALLOW_EMAIL_PW_RESET): 0

+  env(TABLE_DEFAULT_PAGE_SIZE): 50
+
  env(TRUSTED_PROXIES): '127.0.0.1' #By default trust only our own server
  env(TRUSTED_HOSTS): '' # Trust all host names by default
+
+  env(DEFAULT_URI): 'https://partdb.changeme.invalid/'
+
+  env(SAML_ROLE_MAPPING): '{}'
+
+  env(HISTORY_SAVE_CHANGED_DATA): 1
+  env(HISTORY_SAVE_CHANGED_FIELDS): 1
+  env(HISTORY_SAVE_REMOVED_DATA): 1
+  env(HISTORY_SAVE_NEW_DATA): 1
+
--- a/config/permissions.yaml
+++ b/config/permissions.yaml
@@ -25,24 +25,35 @@ perms: # Here comes a list with all Permission names (they have a perm_[name] co
        # If a part can be read by a user, he can also see all the datastructures (except devices)
        alsoSet: ['storelocations.read', 'footprints.read', 'categories.read', 'suppliers.read', 'manufacturers.read',
                  'currencies.read', 'attachment_types.read', 'measurement_units.read']
+        apiTokenRole: ROLE_API_READ_ONLY
      edit:
        label: "perm.edit"
        alsoSet: ['read', 'parts_stock.withdraw', 'parts_stock.add', 'parts_stock.move']
+        apiTokenRole: ROLE_API_EDIT
      create:
        label: "perm.create"
        alsoSet: ['read', 'edit']
+        apiTokenRole: ROLE_API_EDIT
      delete:
        label: "perm.delete"
        alsoSet: ['read', 'edit']
+        apiTokenRole: ROLE_API_EDIT
      change_favorite:
        label: "perm.part.change_favorite"
        alsoSet: ['edit']
+        apiTokenRole: ROLE_API_EDIT
      show_history:
        label: "perm.part.show_history"
        alsoSet: ['read']
+        apiTokenRole: ROLE_API_READ_ONLY
      revert_element:
        label: "perm.revert_elements"
        alsoSet: ["read", "edit", "create", "delete", "show_history"]
+        apiTokenRole: ROLE_API_EDIT
+      import:
+        label: "perm.import"
+        alsoSet: ["read", "edit", "create"]
+        apiTokenRole: ROLE_API_EDIT

  parts_stock:
    group: "data"
@@ -50,10 +61,13 @@ perms: # Here comes a list with all Permission names (they have a perm_[name] co
    operations:
      withdraw:
        label: "perm.parts_stock.withdraw"
+        apiTokenRole: ROLE_API_EDIT
      add:
        label: "perm.parts_stock.add"
+        apiTokenRole: ROLE_API_EDIT
      move:
        label: "perm.parts_stock.move"
+        apiTokenRole: ROLE_API_EDIT


  storelocations: &PART_CONTAINING
@@ -62,20 +76,30 @@ perms: # Here comes a list with all Permission names (they have a perm_[name] co
    operations:
      read:
        label: "perm.read"
+        apiTokenRole: ROLE_API_READ_ONLY
      edit:
        label: "perm.edit"
        alsoSet: 'read'
+        apiTokenRole: ROLE_API_EDIT
      create:
        label: "perm.create"
        alsoSet: ['read', 'edit']
+        apiTokenRole: ROLE_API_EDIT
      delete:
        label: "perm.delete"
        alsoSet: ['read', 'edit']
+        apiTokenRole: ROLE_API_EDIT
      show_history:
        label: "perm.show_history"
+        apiTokenRole: ROLE_API_READ_ONLY
      revert_element:
        label: "perm.revert_elements"
        alsoSet: ["read", "edit", "create", "delete", "show_history"]
+        apiTokenRole: ROLE_API_EDIT
+      import:
+        label: "perm.import"
+        alsoSet: [ "read", "edit", "create" ]
+        apiTokenRole: ROLE_API_EDIT

  footprints:
    <<: *PART_CONTAINING
@@ -133,29 +157,48 @@ perms: # Here comes a list with all Permission names (they have a perm_[name] co
      ic_logos:
        label: "perm.tools.ic_logos"

+  info_providers:
+    label: "perm.part.info_providers"
+    operations:
+      create_parts:
+        label: "perm.part.info_providers.create_parts"
+        alsoSet: ['parts.create']
+        apiTokenRole: ROLE_API_EDIT
+
  groups:
    label: "perm.groups"
    group: "system"
    operations:
      read:
        label: "perm.read"
+        apiTokenRole: ROLE_API_ADMIN
      edit:
        label: "perm.edit"
        alsoSet: 'read'
+        apiTokenRole: ROLE_API_ADMIN
      create:
        label: "perm.create"
        alsoSet: ['read', 'edit']
+        apiTokenRole: ROLE_API_ADMIN
      delete:
        label: "perm.delete"
        alsoSet: ['read', 'delete']
+        apiTokenRole: ROLE_API_ADMIN
      edit_permissions:
        label: "perm.edit_permissions"
        alsoSet: ['read', 'edit']
+        apiTokenRole: ROLE_API_ADMIN
      show_history:
        label: "perm.show_history"
+        apiTokenRole: ROLE_API_ADMIN
      revert_element:
        label: "perm.revert_elements"
        alsoSet: ["read", "edit", "create", "delete", "edit_permissions", "show_history"]
+        apiTokenRole: ROLE_API_ADMIN
+      import:
+        label: "perm.import"
+        alsoSet: [ "read", "edit", "create" ]
+        apiTokenRole: ROLE_API_ADMIN

  users:
    label: "perm.users"
@@ -163,31 +206,49 @@ perms: # Here comes a list with all Permission names (they have a perm_[name] co
    operations:
      read:
        label: "perm.read"
+        apiTokenRole: ROLE_API_ADMIN
      create:
        label: "perm.create"
        alsoSet: ['read', 'edit_username', 'edit_infos']
+        apiTokenRole: ROLE_API_ADMIN
      delete:
        label: "perm.delete"
        alsoSet: ['read', 'edit_username', 'edit_infos']
+        apiTokenRole: ROLE_API_ADMIN
      edit_username:
        label: "perm.users.edit_user_name"
        alsoSet: ['read']
+        apiTokenRole: ROLE_API_ADMIN
      edit_infos:
        label: "perm.users.edit_infos"
        alsoSet: 'read'
+        apiTokenRole: ROLE_API_ADMIN
      edit_permissions:
        label: "perm.users.edit_permissions"
        alsoSet: 'read'
+        apiTokenRole: ROLE_API_ADMIN
      set_password:
        label: "perm.users.set_password"
        alsoSet: 'read'
+        apiTokenRole: ROLE_API_FULL
+      impersonate:
+        label: "perm.users.impersonate"
+        alsoSet: ['set_password']
+        apiTokenRole: ROLE_API_FULL
      change_user_settings:
        label: "perm.users.change_user_settings"
+        apiTokenRole: ROLE_API_ADMIN
      show_history:
        label: "perm.show_history"
+        apiTokenRole: ROLE_API_ADMIN
      revert_element:
        label: "perm.revert_elements"
        alsoSet: ["read", "create", "delete", "edit_permissions", "show_history", "edit_infos", "edit_username"]
+        apiTokenRole: ROLE_API_ADMIN
+      import:
+        label: "perm.import"
+        alsoSet: [ "read", "create" ]
+        apiTokenRole: ROLE_API_ADMIN

  #database:
  #  label: "perm.database"
@@ -222,60 +283,94 @@ perms: # Here comes a list with all Permission names (they have a perm_[name] co
    operations:
      show_logs:
        label: "perm.show_logs"
+        apiTokenRole: ROLE_API_ADMIN
      delete_logs:
        label: "perm.delete_logs"
        alsoSet: 'show_logs'
+        apiTokenRole: ROLE_API_ADMIN
      server_infos:
        label: "perm.server_infos"
+        apiTokenRole: ROLE_API_ADMIN
+      manage_oauth_tokens:
+        label: "Manage OAuth tokens"
+        apiTokenRole: ROLE_API_ADMIN
+      show_updates:
+        label: "perm.system.show_available_updates"
+        apiTokenRole: ROLE_API_ADMIN
+

  attachments:
    label: "perm.part.attachments"
    operations:
      show_private:
        label: "perm.attachments.show_private"
+        apiTokenRole: ROLE_API_READ_ONLY
      list_attachments:
        label: "perm.attachments.list_attachments"
        alsoSet: ['attachment_types.read']
+        apiTokenRole: ROLE_API_READ_ONLY

  self:
    label: "perm.self"
    operations:
      edit_infos:
        label: "perm.self.edit_infos"
+        apiTokenRole: ROLE_API_FULL
      edit_username:
        label: "perm.self.edit_username"
+        apiTokenRole: ROLE_API_FULL
      show_permissions:
        label: "perm.self.show_permissions"
+        apiTokenRole: ROLE_API_READ_ONLY
      show_logs:
        label: "perm.self.show_logs"
+        apiTokenRole: ROLE_API_FULL

  labels:
    label: "perm.labels"
    operations:
      create_labels:
        label: "perm.self.create_labels"
+        apiTokenRole: ROLE_API_READ_ONLY
      edit_options:
        label: "perm.self.edit_options"
        alsoSet: ['create_labels']
+        apiTokenRole: ROLE_API_READ_ONLY
      read_profiles:
        label: "perm.self.read_profiles"
+        apiTokenRole: ROLE_API_READ_ONLY
      edit_profiles:
        label: "perm.self.edit_profiles"
        alsoSet: ['read_profiles']
+        apiTokenRole: ROLE_API_EDIT
      create_profiles:
        label: "perm.self.create_profiles"
        alsoSet: ['read_profiles', 'edit_profiles']
+        apiTokenRole: ROLE_API_EDIT
      delete_profiles:
        label: "perm.self.delete_profiles"
        alsoSet: ['read_profiles', 'edit_profiles', 'create_profiles']
+        apiTokenRole: ROLE_API_EDIT
      use_twig:
        label: "perm.labels.use_twig"
        alsoSet: ['create_labels', 'edit_options']
+        apiTokenRole: ROLE_API_ADMIN
      show_history:
        label: "perm.show_history"
        alsoSet: ['read_profiles']
+        apiTokenRole: ROLE_API_READ_ONLY
      revert_element:
        label: "perm.revert_elements"
        alsoSet: ['read_profiles', 'edit_profiles', 'create_profiles', 'delete_profiles']
+        apiTokenRole: ROLE_API_EDIT

-
+  api:
+    label: "perm.api"
+    operations:
+      access_api:
+        label: "perm.api.access_api"
+        apiTokenRole: ROLE_API_READ_ONLY
+      manage_tokens:
+        label: "perm.api.manage_tokens"
+        alsoSet: ['access_api']
+        apiTokenRole: ROLE_API_FULL
--- a/config/routes.yaml
+++ b/config/routes.yaml
@@ -1,12 +1,8 @@
-#index:
-#    path: /
-#    controller: App\Controller\DefaultController::index
-
 # Redirect every url without an locale to the locale of the user/the global base locale

 scan_qr:
    path: /scan/{type}/{id}
-    controller: App\Controller\ScanController:scanQRCode
+    controller: App\Controller\ScanController::scanQRCode

 csp_report:
    path: /csp/report
@@ -19,5 +15,5 @@ redirector:
    requirements:
        url: ".*"
    controller: App\Controller\RedirectController::addLocalePart
-    # Dont match localized routes (no redirection loop, if no root with that name exists)
-    condition: "not (request.getPathInfo() matches '/^\\\\/[a-z]{2}(_[A-Z]{2})?\\\\//')"
+    # Dont match localized routes (no redirection loop, if no root with that name exists) or API prefixed routes
+    condition: "not (request.getPathInfo() matches '/^\\\\/([a-z]{2}(_[A-Z]{2})?|api)\\\\//')"
--- a/config/routes/api_platform.yaml
+++ b/config/routes/api_platform.yaml
@@ -0,0 +1,4 @@
+api_platform:
+    resource: .
+    type: api_platform
+    prefix: /api
--- a/config/routes/annotations.yaml
+++ b/config/routes/annotations.yaml
@@ -1,6 +1,8 @@
 controllers:
-    resource: ../../src/Controller/
-    type: annotation
+    resource:
+        path: ../../src/Controller/
+        namespace: App\Controller
+    type: attribute
    prefix: '{_locale}'

    defaults:
@@ -11,4 +13,4 @@ controllers:

 kernel:
    resource: ../../src/Kernel.php
-    type: annotation
+    type: attribute
--- a/config/routes/nbgrp_saml.yaml
+++ b/config/routes/nbgrp_saml.yaml
@@ -0,0 +1,4 @@
+nbgrp_saml:
+  resource: "@NbgrpOneloginSamlBundle/Resources/config/routes.php"
+  # Only load the SAML routes if SAML is enabled
+  condition: "env('SAML_ENABLED') == '1' or env('SAML_ENABLED') == 'true'"
--- a/config/services.yaml
+++ b/config/services.yaml
@@ -14,16 +14,19 @@ services:
        autoconfigure: true # Automatically registers your services as commands, event subscribers, etc.
        bind:
            bool $demo_mode: '%partdb.demo_mode%'
-            bool $gpdr_compliance : '%partdb.gpdr_compliance%'
-            bool $kernel_debug: '%kernel.debug%'
+            bool $gdpr_compliance: '%partdb.gdpr_compliance%'
+            bool $kernel_debug_enabled: '%kernel.debug%'
            string $kernel_cache_dir: '%kernel.cache_dir%'
            string $partdb_title: '%partdb.title%'
-            string $default_currency: '%partdb.default_currency%'
+            string $base_currency: '%partdb.default_currency%'

    _instanceof:
        App\Services\LabelSystem\PlaceholderProviders\PlaceholderProviderInterface:
            tags: ['app.label_placeholder_provider']

+        App\Services\InfoProviderSystem\Providers\InfoProviderInterface:
+            tags: ['app.info_provider']
+
    # makes classes in src/ available to be used as services
    # this creates a service per class whose id is the fully-qualified class name
    App\:
@@ -78,6 +81,7 @@ services:
            $save_changed_fields: '%env(bool:HISTORY_SAVE_CHANGED_FIELDS)%'
            $save_changed_data: '%env(bool:HISTORY_SAVE_CHANGED_DATA)%'
            $save_removed_data: '%env(bool:HISTORY_SAVE_REMOVED_DATA)%'
+            $save_new_data: '%env(bool:HISTORY_SAVE_NEW_DATA)%'
        tags:
            - { name: 'doctrine.event_subscriber' }

@@ -87,18 +91,18 @@ services:

    App\Form\AttachmentFormType:
        arguments:
-            $allow_attachments_downloads: '%partdb.attachments.allow_downloads%'
+            $allow_attachments_download: '%partdb.attachments.allow_downloads%'
+            $max_file_size: '%partdb.attachments.max_file_size%'

    App\Services\Attachments\AttachmentSubmitHandler:
        arguments:
            $allow_attachments_downloads: '%partdb.attachments.allow_downloads%'
            $mimeTypes: '@mime_types'
+            $max_upload_size: '%partdb.attachments.max_file_size%'

-    App\EventSubscriber\LogSystem\LogoutLoggerListener:
-        tags:
-            - name: 'kernel.event_listener'
-              event: 'Symfony\Component\Security\Http\Event\LogoutEvent'
-              dispatcher: security.event_dispatcher.main
+    App\Services\LogSystem\EventCommentNeededHelper:
+        arguments:
+            $enforce_change_comments_for: '%partdb.enforce_change_comments_for%'

    ####################################################################################################################
    # Attachment system
@@ -127,6 +131,15 @@ services:
    # Security
    ####################################################################################################################

+    saml_user_factory:
+        alias: App\Security\SamlUserFactory
+        public: true
+
+    App\Security\SamlUserFactory:
+        arguments:
+            $saml_role_mapping: '%env(json:SAML_ROLE_MAPPING)%'
+            $update_group_on_login: '%env(bool:SAML_UPDATE_GROUP_ON_LOGIN)%'
+
    ####################################################################################################################
    # Cache
    ####################################################################################################################
@@ -167,7 +180,7 @@ services:

    App\EventSubscriber\UserSystem\SetUserTimezoneSubscriber:
        arguments:
-            $timezone: '%partdb.timezone%'
+            $default_timezone: '%partdb.timezone%'

    App\Controller\SecurityController:
        arguments:
@@ -194,6 +207,19 @@ services:
        arguments:
            $available_themes: '%partdb.available_themes%'

+    App\Command\User\ConvertToSAMLUserCommand:
+        arguments:
+            $saml_enabled: '%partdb.saml.enabled%'
+
+    ####################################################################################################################
+    # Table settings
+    ####################################################################################################################
+    App\DataTables\PartsDataTable:
+        arguments:
+            $visible_columns: '%partdb.table.parts.default_columns%'
+
+    App\DataTables\Helpers\ColumnSortHelper:
+        shared: false   # Service has a state so not share it between different tables

    ####################################################################################################################
    # Label system
@@ -207,6 +233,11 @@ services:
        tags:
            - { name: 'app.label_placeholder_provider', priority: 10}

+    App\Services\LabelSystem\DompdfFactory:
+        arguments:
+            $fontDirectory: '%kernel.project_dir%/var/dompdf/fonts/'
+            $tmpDirectory: '%kernel.project_dir%/var/dompdf/tmp/'
+
    ####################################################################################################################
    # Trees
    ####################################################################################################################
@@ -215,6 +246,62 @@ services:
            $rootNodeExpandedByDefault: '%partdb.sidebar.root_expanded%'
            $rootNodeEnabled: '%partdb.sidebar.root_node_enable%'

+    ####################################################################################################################
+    # Part info provider system
+    ####################################################################################################################
+    App\Services\InfoProviderSystem\ProviderRegistry:
+        arguments:
+            $providers: !tagged_iterator 'app.info_provider'
+
+    App\Services\InfoProviderSystem\Providers\Element14Provider:
+        arguments:
+            $api_key: '%env(string:PROVIDER_ELEMENT14_KEY)%'
+            $store_id: '%env(string:PROVIDER_ELEMENT14_STORE_ID)%'
+
+    App\Services\InfoProviderSystem\Providers\DigikeyProvider:
+        arguments:
+            $clientId: '%env(string:PROVIDER_DIGIKEY_CLIENT_ID)%'
+            $currency: '%env(string:PROVIDER_DIGIKEY_CURRENCY)%'
+            $language: '%env(string:PROVIDER_DIGIKEY_LANGUAGE)%'
+            $country: '%env(string:PROVIDER_DIGIKEY_COUNTRY)%'
+
+    App\Services\InfoProviderSystem\Providers\TMEClient:
+        arguments:
+            $secret: '%env(string:PROVIDER_TME_SECRET)%'
+            $token: '%env(string:PROVIDER_TME_KEY)%'
+
+    App\Services\InfoProviderSystem\Providers\TMEProvider:
+        arguments:
+            $currency: '%env(string:PROVIDER_TME_CURRENCY)%'
+            $country: '%env(string:PROVIDER_TME_COUNTRY)%'
+            $language: '%env(string:PROVIDER_TME_LANGUAGE)%'
+            $get_gross_prices: '%env(bool:PROVIDER_TME_GET_GROSS_PRICES)%'
+
+    App\Services\InfoProviderSystem\Providers\OctopartProvider:
+        arguments:
+            $clientId: '&env(string:PROVIDER_OCTOPART_CLIENT_ID)%'
+            $secret: '%env(string:PROVIDER_OCTOPART_SECRET)%'
+            $country: '%env(string:PROVIDER_OCTOPART_COUNTRY)%'
+            $currency: '%env(string:PROVIDER_OCTOPART_CURRENCY)%'
+            $search_limit: '%env(int:PROVIDER_OCTOPART_SEARCH_LIMIT)%'
+            $onlyAuthorizedSellers: '%env(bool:PROVIDER_OCTOPART_ONLY_AUTHORIZED_SELLERS)%'
+
+    App\Services\InfoProviderSystem\Providers\MouserProvider:
+        arguments:
+            $api_key: '%env(string:PROVIDER_MOUSER_KEY)%'
+            $language: '%env(string:PROVIDER_MOUSER_SEARCH_WITH_SIGNUP_LANGUAGE)%'
+            $options: '%env(string:PROVIDER_MOUSER_SEARCH_OPTION)%'
+            $search_limit: '%env(int:PROVIDER_MOUSER_SEARCH_LIMIT)%'
+
+    ####################################################################################################################
+    # API system
+    ####################################################################################################################
+    App\State\PartDBInfoProvider:
+        arguments:
+            $default_uri: '%partdb.default_uri%'
+            $global_locale: '%partdb.locale%'
+            $global_timezone: '%partdb.timezone%'
+
    ####################################################################################################################
    # Symfony overrides
    ####################################################################################################################
@@ -225,6 +312,13 @@ services:
        tags:
          - {name: serializer.normalizer, priority: -9000}

+    # Disable igbinary serialization for cache even when igbinary is available, as it causes issues with the doctrine
+    # proxy objects (see https://github.com/igbinary/igbinary/issues/377 and https://github.com/igbinary/igbinary/issues/273)
+    cache.default_marshaller:
+        class: Symfony\Component\Cache\Marshaller\DefaultMarshaller
+        arguments:
+            $useIgbinarySerialize: false
+

    ####################################################################################################################
    # Miscellaneous
@@ -238,7 +332,7 @@ services:
        tags:
            - { name: 'doctrine.fixtures.purger_factory', alias: 'reset_autoincrement_purger' }

-    # We are needing this service inside of a migration, where only the container is injected. So we need to define it as public, to access it from the container.
+    # We are needing this service inside a migration, where only the container is injected. So we need to define it as public, to access it from the container.
    App\Services\UserSystem\PermissionPresetsHelper:
        public: true

@@ -246,6 +340,16 @@ services:
        arguments:
            $project_dir: '%kernel.project_dir%'

+    App\Services\System\UpdateAvailableManager:
+        arguments:
+            $check_for_updates: '%partdb.check_for_updates%'
+
+    App\Services\System\BannerHelper:
+        arguments:
+            $partdb_banner: '%partdb.banner%'
+            $project_dir: '%kernel.project_dir%'
+
+
    ####################################################################################################################
    # Monolog
    ####################################################################################################################
@@ -262,3 +366,14 @@ services:
        autowire: true
        tags:
            - { name: monolog.processor }
+
+when@test:
+    services:
+        # Decorate the doctrine fixtures load command to use our custom purger by default
+        doctrine.fixtures_load_command.custom:
+            decorates: doctrine.fixtures_load_command
+            class: Doctrine\Bundle\FixturesBundle\Command\LoadDataFixturesDoctrineCommand
+            arguments:
+                - '@doctrine.fixtures.loader'
+                - '@doctrine'
+                - { default: '@App\Doctrine\Purger\ResetAutoIncrementPurgerFactory' }
--- a/docs/api/authentication.md
+++ b/docs/api/authentication.md
@@ -0,0 +1,78 @@
+---
+title: Authentication
+layout: default
+parent: API
+nav_order: 2
+---
+
+# Authentication
+
+To use API endpoints, the external application has to authenticate itself, so that Part-DB knows which user is accessing
+the data and which permissions
+the application should have during the access. Authentication is always bound to a specific user, so the external
+applications is acting on behalf of a
+specific user. This user limits the permissions of the application, so that it can only access data, which the user is
+allowed to access.
+
+The only method currently available for authentication is to use API tokens:
+
+## API tokens
+
+An API token is a long alphanumeric string, which is bound to a specific user and can be used to authenticate as this
+user, when accessing the API.
+The API token is passed via the `Authentication` HTTP header during the API request, like the
+following: `Authentication: Bearer tcp_sdjfks....`.
+
+{: .important }
+> Everybody who knows the API token can access the API as the user, which is bound to the token. So you should treat the
+> API token like a password
+> and keep it secret. Only share it with trusted applications.
+
+API tokens can be created and managed on the user settings page in the API token section. You can create as many API
+tokens as you want and also delete them again.
+When deleting a token, it is immediately invalidated and can not be used anymore, which means that the application can
+not access the API anymore with this token.
+
+### Token permissions and scopes
+
+API tokens are ultimately limited by the permissions of the user, which belongs to the token. That means that the token
+can only access data, which the user is allowed to access, no matter the token permissions.
+
+But you can further limit the permissions of a token by choosing a specific scope for the token. The scope defines which
+subset of permissions the token has, which can be less than the permissions of the user. For example, you can have a
+user
+with full read and write permissions, but create a token with only read permissions, which can only read data, but not
+change anything in the database.
+
+{: .warning }
+> In general, you should always use the least possible permissions for a token, to limit the possible damage, which can
+> be done with a stolen token or a bug in the application.
+> Only use the full or admin scope, if you really need it, as they could potentially be used to do a lot of damage to
+> your Part-DB instance.
+
+Following token scopes are available:
+
+* **Read-Only**: The token can only read non-sensitive data (like parts, but no users or groups) from the API and can
+  not change anything.
+* **Edit**: The token can read and write non-sensitive data via the API. This includes creating, updating and deleting
+  data. This should be enough for most applications.
+* **Admin**: The token can read and write all data via the API, including sensitive data like users and groups. This
+  should only be used for trusted applications, which need to access sensitive data, and perform administrative actions.
+* **Full**: The token can do anything the user can do, including changing the users password and create new tokens. This
+  should only be used for highly trusted applications!!
+
+Please note, that in early versions of the API, there might be no endpoints yet, to really perform the actions, which
+would be allowed by the token scope.
+
+### Expiration date
+
+API tokens can have an expiration date, which means that the token is only valid until the expiration date. After that
+the token is automatically invalidated and can not be used anymore. The token is still listed on the user settings page,
+and can be deleted there, but the code can not be used to access Part-DB anymore after the expiration date.
+
+### Get token information
+
+When authenticating with an API token, you can get information about the currently used token by accessing
+the `/api/tokens/current` endpoint.
+It gives you information about the token scope, expiration date and the user, which is bound to the token and the last
+time the token was used.
--- a/docs/api/index.md
+++ b/docs/api/index.md
@@ -0,0 +1,11 @@
+---
+layout: default
+title: API
+nav_order: 7
+has_children: true
+---
+
+# API
+
+Part-DB provides a REST API to access the data stored in the database.
+In this section you can find information about the API and how to use it.
--- a/docs/api/intro.md
+++ b/docs/api/intro.md
@@ -0,0 +1,178 @@
+---
+title: Introduction
+layout: default
+parent: API
+nav_order: 1
+---
+
+# Introduction
+
+Part-DB provides a [REST API](https://en.wikipedia.org/wiki/REST) to programmatically access the data stored in the
+database.
+This allows external applications to interact with Part-DB, extend it or integrate it into other applications.
+
+{: .warning }
+> This feature is currently in beta. Please report any bugs you find.
+> The API should not be considered stable yet and could change in future versions, without prior notice.
+> Some features might be missing or not working yet.
+> Also be aware, that there might be security issues in the API, which could allow attackers to access or edit data via
+> the API, which
+> they normally should be able to access. So currently you should only use the API with trusted users and trusted
+> applications.
+
+Part-DB uses [API Platform](https://api-platform.com/) to provide the API, which allows for easy creation of REST APIs
+with Symfony and gives you a lot of features out of the box.
+See the [API Platform documentation](https://api-platform.com/docs/core/) for more details about the API Platform
+features and how to use them.
+
+## Enable the API
+
+The API is available under the `/api` path, but not reachable without proper permissions.
+You have to give the users, which should be able to access the API the proper permissions (Miscellaneous -> API).
+Please note that there are two relevant permissions, the first one allows users to access the `/api/` path at all and
+showing the documentation,
+and the second one allows them to create API tokens which is needed for authentication of external applications.
+
+## Authentication
+
+To use API endpoints, the external application has to authenticate itself, so that Part-DB knows which user is accessing
+the data and
+which permissions the application should have. Basically this is done by creating an API token for a user and then
+passing it on every request
+with the `Authorization` header as bearer token, so you add a header `Authorization: Bearer <your token>`.
+
+See [Authentication chapter]({% link api/authentication.md %}) for more details.
+
+## API endpoints
+
+The API is split into different endpoints, which are reachable under the `/api/` path of your Part-DB instance (
+so `https://your-part-db.local/api/`).
+There are various endpoints for each entity type (like `part`, `manufacturer`, etc.), which allow you to read and write
+data and some special endpoints like `search` or `statistics`.
+
+For example all API endpoints for managing categories are available under `/api/categories/`. Depending on the exact
+path and the HTTP method used, you can read, create, update or delete categories.
+For most entities, there are endpoints like this:
+
+* **GET**: `/api/categories/` - List all categories in the database (with pagination of the results)
+* **POST**: `/api/categories/` - Create a new category
+* **GET**: `/api/categories/{id}` - Get a specific category by its ID
+* **DELETE**: `/api/categories/{id}` - Delete a specific category by its ID
+* **UPDATE**: `/api/categories/{id}` - Update a specific category by its ID. Only the fields which are sent in the
+  request are updated, all other fields are left unchanged.
+  Be aware that you have to set the [JSON Merge Patch](https://datatracker.ietf.org/doc/html/rfc7386) content type
+  header (`Content-Type: application/merge-patch+json`) for this to work.
+
+A full (interactive) list of endpoints can be displayed when visiting the `/api/` path in your browser, when you are
+logged in with a user, which is allowed to access the API.
+There is also a link to this page, on the user settings page in the API token section.
+This documentation also list all available fields for each entity type and the allowed operations.
+
+## Formats
+
+The API supports different formats for the request and response data, which you can control via the `Accept`
+and `Content-Type` headers.
+You should use [JSON-LD](https://json-ld.org/) as format, which is basically JSON with some additional metadata, which
+allows
+to describe the data in a more structured way and also allows to link between different entities. You can achieve this
+by setting `Accept: application/ld+json` header to the API requests.
+
+To get plain JSON without any metadata or links, use the `Accept: application/json` header.
+
+Without an `Accept` header (e.g. when you call the endpoint in a browser), the API will return an HTML page with the
+documentation, so be sure to include the desired `Accept` header in your API requests.
+If you can not control the `Accept` header, you can add an `.json` or `.jsonld` suffix to the URL to enforce a JSON or
+JSON-LD response (e.g. `/api/parts.jsonld`).
+
+## OpenAPI schema
+
+Part-DB provides a [OpenAPI](https://swagger.io/specification/) (formally Swagger) schema for the API
+under `/api/docs.json` (so `https://your-part-db.local/api/docs.json`).
+This schema is a machine-readable description of the API, which can be imported in software to test the API or even
+automatically generate client libraries for the API.
+
+API generators which can generate a client library for the API from the schema are available for many programming
+languages, like [OpenAPI Generator](https://openapi-generator.tech/).
+
+An JSONLD/Hydra version of the schema is also available under `/api/docs.jsonld` (
+so `https://your-part-db.local/api/docs.jsonld`).
+
+## Interactive documentation
+
+Part-DB provides an interactive documentation for the API, which is available under `/api/docs` (
+so `https://your-part-db.local/api/docs`).
+You can pass your API token in the form on the top of the page, to authenticate yourself, and then you can try out the
+API directly in the browser.
+This is a great way to test the API and see how it works, without having to write any code.
+
+## Pagination
+
+By default, all list endpoints are paginated, which means only a certain number of results is returned per request.
+To get another page of the results, you have to use the `page` query parameter, which contains the page number you want
+to get (e.g. `/api/categoues/?page=2`).
+When using JSONLD, the links to the next page are also included in the `hydra:view` property of the response.
+
+To change the size of the pages (the number of items in a single page) use the `itemsPerPage` query parameter (
+e.g. `/api/categoues/?itemsPerPage=50`).
+
+See [API Platform docs](https://api-platform.com/docs/core/pagination) for more infos.
+
+## Filtering results / Searching
+
+When retrieving a list of entities, you can restrict the results by various filters. Almost all entities have a search
+filter,
+which allows you to only include entities, which (text) fields match the given search term: For example if you only want
+to
+get parts, with the Name "BC547", you can use `/api/parts.jsonld?name=BC547`. You can use `%` as wildcard for multiple
+characters
+in the search term (Be sure to properly encode the search term, if you use special characters). For example if you want
+to get all parts,
+whose name starts with "BC", you can use `/api/parts.jsonld?name=BC%25` (the `%25` is the url encoded version of `%`).
+
+There are other filters available for some entities, allowing you to search on other fields, or restricting the results
+by numeric values or dates. See the endpoint documentation for the available filters.
+
+## Filter by associated entities
+
+To get all parts with a certain category, manufacturer, etc. you can use the `category`, `manufacturer`, etc. query
+parameters of the `/api/parts` endpoint.
+They are so-called entity filters and accept a comma separated list of IDs of the entities you want to filter by.
+For example if you want to get all parts with the category "Resistor" (Category ID 1) and "Capacitor" (Category ID 2),
+you can use `/api/parts.jsonld?category=1,2`.
+
+Suffix an id with `+` to suffix, to include all direct children categories of the given category. Use the `++` suffix to
+include all children categories recursively.
+To get all parts with the category "Resistor" (Category ID 1) and all children categories of "Capacitor" (Category ID
+2), you can use `/api/parts.jsonld?category=1,2++`.
+
+See the endpoint documentation for the available entity filters.
+
+## Ordering results
+
+When retrieving a list of entities, you can order the results by various fields using the `order` query parameter.
+For example if you want to get all parts ordered by their name, you can use `/api/parts/?order[name]=asc`. You can use
+this parameter multiple times to order by multiple fields.
+
+See the endpoint documentation for the available fields to order by.
+
+## Property filter
+
+Sometimes you only want to get a subset of the properties of an entity, for example when you only need the name of a
+part, but not all the other properties.
+You can achieve this using the `properties[]` query parameter with the name of the field you want to get. You can use
+this parameter multiple times to get multiple fields.
+For example if you only want to get the name and the description of a part, you can
+use `/api/parts/123?properties[]=name&properties[]=description`.
+It is also possible to use this filters on list endpoints (get collection), to only get a subset of the properties of
+all entities in the collection.
+
+See [API Platform docs](https://api-platform.com/docs/core/filters/#property-filter) for more infos.
+
+## Change comment
+
+Similar to the changes using Part-DB web interface, you can add a change comment to every change you make via the API,
+which will be
+visible in the log of the entity.
+
+You can pass the text for this via the `_comment` query parameter (beware the proper encoding). For
+example `/api/parts/123?_comment=This%20is%20a%20change%20comment`.
--- a/docs/assets/usage/import_export/part_import_example.csv
+++ b/docs/assets/usage/import_export/part_import_example.csv
@@ -0,0 +1,4 @@
+name;description;category;notes;footprint;tags;quantity;storage_location;mass;ipn;mpn;manufacturing_status;manufacturer;supplier;spn;price;favorite;needs_review;minamount;partUnit;manufacturing_status
+BC547;NPN transistor;Transistors -> NPN;very important notes;TO -> TO-92;NPN,Transistor;5;Room 1 -> Shelf 1 -> Box 2;10;;;Manufacturer;;You need to fill this line, to use spn and price;BC547C;2,3;0;;;;
+BC557;PNP transistor;<b>HTML</b>;;TO -> TO-92;PNP,Transistor;10;Room 2-> Box 3;;Internal1234;;;;;;;;1;;;active
+Copper Wire;;Wire;;;;;;;;;;;;;;;;;Meter;
--- a/docs/assets/usage/information_provider_system/animation.gif
+++ b/docs/assets/usage/information_provider_system/animation.gif
--- a/docs/concepts.md
+++ b/docs/concepts.md
@@ -5,6 +5,7 @@ nav_order: 2
 ---

 # Concepts
+
 This page explains the different concepts of Part-DB and what their intended use is:

 1. TOC
@@ -13,42 +14,76 @@ This page explains the different concepts of Part-DB and what their intended use
 ## Part managment

 ### Part
-A part is the central concept of Part-DB. A part represents a single kind (or type) of a thing, like an electronic component, an device, an book or similar (depending on what you use Part-DB for). A part entity just represents a certain type of a thing, so if you have 1000 times an BC547 transistor you would create ONE part with the name BC547 and set its quantity to 1000. The individual quantities (so a single BC547 transistor) of a part, should be indistinguishable from each other, so that it does not matter which one of your 1000 things of Part you use.
+
+A part is the central concept of Part-DB. A part represents a single kind (or type) of a thing, like an electronic
+component, a device, a book or similar (depending on what you use Part-DB for). A part entity just represents a certain
+type of thing, so if you have 1000 times an BC547 transistor you would create ONE part with the name BC547 and set its
+quantity to 1000. The individual quantities (so a single BC547 transistor) of a part, should be indistinguishable from
+each other, so that it does not matter which one of your 1000 things of Part you use.
 A part entity have many fields, which can be used to describe it better. Most of the fields are optional:
-* **Name** (Required): The name of the part or how you wanna call it. This could be an manufacturer provided name, or a name you thought of your self. The name have to be unique in a single category.
-* **Description**: A short (single-line) description of what this part is/does. For longer informations you should use the comment field or the specifications
+
+* **Name** (Required): The name of the part or how you want to call it. This could be a manufacturer provided name, or a
+  name you thought of your self. The name have to be unique in a single category.
+* **Description**: A short (single-line) description of what this part is/does. For longer information you should use
+  the comment field or the specifications
 * **Category** (Required): The category (see there) to which this part belongs to.
-* **Tags**: The list of tags this part belong to. Tags can be used to group parts logically (similar to the category), but tags are much less strict and formal (they dont have to be defined forehands) and you can assign multiple tags to a part. When clicking on a tag, a list with all parts which have the same tag, is shown.
-* **Min Instock**: *Not really implemented yet*. Parts where the total instock is below this value, will show up for ordering.
-* **Footprint**: See there. Useful especially for electronic parts, which have one of the common electronic footprints (like DIP8, SMD0805 or similar). If a part has no explicit defined preview picture, the preview picture of its footprint will be shown instead in tables.
+* **Tags**: The list of tags this part belong to. Tags can be used to group parts logically (similar to the category),
+  but tags are much less strict and formal (they don't have to be defined forehands) and you can assign multiple tags to
+  a part. When clicking on a tag, a list with all parts which have the same tag, is shown.
+* **Min Instock**: *Not really implemented yet*. Parts where the total instock is below this value, will show up for
+  ordering.
+* **Footprint**: See there. Useful especially for electronic parts, which have one of the common electronic footprints (
+  like DIP8, SMD0805 or similar). If a part has no explicit defined preview picture, the preview picture of its
+  footprint will be shown instead in tables.
 * **Manufacturer**: The manufacturer which has manufactured (not sold) this part. See Manufacturer entity for more info.
-* **Manufacturer part number** (MPN): If you have used your own name for a part, you can put the part number the manufacturer uses in this field, so that you can find a part also under its manufacturer number.
-* **Link to product page**: If you want to link to the manufacturer website of a part, and it is not possible to determine it automatically from the part name, set in the manufacturer entity (or no manfacturer is set), you can set the link here for each part individually.
-* **Manufacturing Status**: The manufacturing status of this part, meaning the information about where the part is in its manufacturing lifecycle.
-* **Needs review**: If you think parts informations maybe are inaccurate or incomplete and needs some later review/checking, you can set this flag. A part with this flag is marked, so that users know the informations are not completly trustworthy.
+* **Manufacturer part number** (MPN): If you have used your own name for a part, you can put the part number the
+  manufacturer uses in this field, so that you can find a part also under its manufacturer number.
+* **Link to product page**: If you want to link to the manufacturer website of a part, and it is not possible to
+  determine it automatically from the part name, set in the manufacturer entity (or no manufacturer is set), you can set
+  the link here for each part individually.
+* **Manufacturing Status**: The manufacturing status of this part, meaning the information about where the part is in
+  its manufacturing lifecycle.
+* **Needs review**: If you think parts information maybe are inaccurate or incomplete and needs some later
+  review/checking, you can set this flag. A part with this flag is marked, so that users know the information are not
+  completely trustworthy.
 * **Favorite**: Parts with this flag are highlighted in parts lists
 * **Mass**: The mass of a single piece of this part (so of a single transistor). Given in grams.
-* **Internal Part number** (IPN): Each part is automatically assigned an numerical ID which identifies a part in the database. This ID depends on when a part was created and can not be changed. If you want to assign your own unique identifiers, or sync parts identifiers with the identifiers of another database you can use this field.
+* **Internal Part number** (IPN): Each part is automatically assigned a numerical ID which identifies a part in the
+  database. This ID depends on when a part was created and can not be changed. If you want to assign your own unique
+  identifiers, or sync parts identifiers with the identifiers of another database you can use this field.

 ### Stock / Part lot
-A part can have many stock at multiple different locations. This is represented by part lots / stocks, which consists basically of a storelocation (so where are the parts of this lot are stored) and an amount (how many parts are there).

-### Purchase Informations
-The purchase informations describe where the part can be bought (at which vendors) and to which prices.
-The first part (the order information) describes at which supplier the part can be bought and which is the name of the part under which you can order the part there.
-An order information can contain multiple price informations, which describes the prices for the part at the supplier including bulk discount, etc.
+A part can have many stock at multiple different locations. This is represented by part lots / stocks, which consists
+basically of a storage location (so where are the parts of this lot are stored) and an amount (how many parts are there).
+
+### Purchase Information
+
+The purchase information describe where the part can be bought (at which vendors) and to which prices.
+The first part (the order information) describes at which supplier the part can be bought and which is the name of the
+part under which you can order the part there.
+An order information can contain multiple price information, which describes the prices for the part at the supplier
+including bulk discount, etc.

 ### Parameters
-Parameters represents various specifications / parameters of a part, like the the maximum current of a diode, etc. The advantage of using parameters instead of just putting the data in the comment field or so, is that you can filter for parameters values (including ranges and more) later on. 
-Parameters describe can describe numeric values and/or text values for which they can be filtered. This basically allows you to define custom fields on a part.

-Using the group field a parameter allows you to group parameters together in the info page later (all parameters with the same group value will be shown under the same group title).
+Parameters represents various specifications / parameters of a part, like the maximum current of a diode, etc. The
+advantage of using parameters instead of just putting the data in the comment field or so, is that you can filter for
+parameters values (including ranges and more) later on.
+Parameters describe can describe numeric values and/or text values for which they can be filtered. This basically allows
+you to define custom fields on a part.
+
+Using the group field a parameter allows you to group parameters together in the info page later (all parameters with
+the same group value will be shown under the same group title).

 ## Core data
+
 ### Category

-A category is used to group parts logically by their function (e.g. all NPN transistors would be put in a "NPN-Transistors" category).
-Categories are hierarchical structures meaning that you can create logical trees to group categories together. A possible category tree could look like this:
+A category is used to group parts logically by their function (e.g. all NPN transistors would be put in a "
+NPN-Transistors" category).
+Categories are hierarchical structures meaning that you can create logical trees to group categories together. A
+possible category tree could look like this:

 * Active Components
    * Transistors
@@ -60,97 +95,145 @@ Categories are hierarchical structures meaning that you can create logical trees
        * MCUs
 * Passive Components
    * Capacitors
-    * Resitors
+    * Resistors

 ### Supplier
-A Supplier is a vendor / distributor where you can buy/order parts. Price informations of parts are associated with a supplier. 
+
+A Supplier is a vendor / distributor where you can buy/order parts. Price information of parts are associated with a
+supplier.

 ### Manufacturer
-A manufacturer represents the company that manufacturer / build various parts (not necessary sell them). If the manufacturer also sell the parts, you have to create a supplier for that.

-### Storelocation
-A storelocation represents a place where parts can be stored. This could be a box, a shelf or other things (like the SMD feeder of a machine or so).
+A manufacturer represents the company that manufacturer / build various parts (not necessary sell them). If the
+manufacturer also sell the parts, you have to create a supplier for that.

-Storelocations are hierarchical to represent storelocations contained in each other. 
+### Storage location
+
+A storage location represents a place where parts can be stored. This could be a box, a shelf or other things (like the
+SMD feeder of a machine or so).
+
+Storage locations are hierarchical to represent storage locations contained in each other.
 An example tree could look like this:
+
 * Shelf 1
-   * Box 1
-   * Box 2
-      * Box shelf A1
-      * Box shelf A2
-      * Box shelf B1
-      * Box shelf B2
+    * Box 1
+    * Box 2
+        * Box shelf A1
+        * Box shelf A2
+        * Box shelf B1
+        * Box shelf B2
 * Shelf 2
 * Cupboard

-Storelocations should be defined down to the smallest possible location, to make finding the part again easy.
+Storage locations should be defined down to the smallest possible location, to make finding the part again easy.

 ### Footprint
-In electronics many components have one of the common components cases / footprints. The footprint entity describes such common footprints, which can be assigned to parts.
-You can assign an image (and an 3D model) as an attachment to a footprint, which will be used as preview for parts with this footprint, even if the parts do not have an explicitly assigned preview image.

-Footprints are a hierachically which allows you to build logical sorted trees. An example tree could look like this:
+In electronics many components have one of the common components cases / footprints. The footprint entity describes such
+common footprints, which can be assigned to parts.
+You can assign an image (and an 3D model) as an attachment to a footprint, which will be used as preview for parts with
+this footprint, even if the parts do not have an explicitly assigned preview image.
+
+Footprints are a hierarchically which allows you to build logical sorted trees. An example tree could look like this:

 * Through-Hole components
    * DIP
-       * DIP-8
-       * DIP-28
-       * DIP-28W
+        * DIP-8
+        * DIP-28
+        * DIP-28W
    * TO
-       * TO-92
+        * TO-92
 * SMD components
    * SOIC
-       * SO-8
+        * SO-8
    * Resistors
-       * 0805
-       * 0603
+        * 0805
+        * 0603

 ### Measurement Unit
-By default part instock is counted in number of individual parts, which is fine for things like electronic components, which exists only in integer quantities. However if you have things with fractional units like the length of a wire or the volume of a liquid, you have to define a measurement unit.
+
+By default, part instock is counted in number of individual parts, which is fine for things like electronic components,
+which exists only in integer quantities. However, if you have things with fractional units like the length of a wire or
+the volume of a liquid, you have to define a measurement unit.
 The measurement unit represents a physical quantity like mass, volume or length.

-You can define a short unit for it (like m for Meters, or g for gramms) which will be shown, when a quantity of a part with this unit is shown. 
+You can define a short unit for it (like m for Meters, or g for gramms) which will be shown, when a quantity of a part
+with this unit is shown.

 ### Currency
-By default all prices are set in the base currency configured for the instance (by default euros). If you want to use multiple currencies together (as e.g. vendors use foreign currencies for their price and you do not want to update the prices for every exchange rate change), you have to define these currencies here.

-You can set an exchange rate here in terms of the base currency (or fetch it from the internet if configured). The exchange rate will be used to show users the prices in their preferred currency.
+By default, all prices are set in the base currency configured for the instance (by default euros). If you want to use
+multiple currencies together (as e.g. vendors use foreign currencies for their price, and you do not want to update the
+prices for every exchange rate change), you have to define these currencies here.
+
+You can set an exchange rate here in terms of the base currency (or fetch it from the internet if configured). The
+exchange rate will be used to show users the prices in their preferred currency.

 ## Attachments
+
 ### Attachment
-An attachment is an file that can be associated with another entity (like a Part, Storelocation, User, etc.). This could for example be a datasheet in a Part, the logo of a vendor or some CAD drawing of a footprint.

-An attachment has an attachment type (see below), which groups the attachments logically (and optionally restricts the allowed file types), a name describing the attachment and a file. The file can either be uploaded to the server and stored there, or given as a link to a file on another webpath. If configured in the settings, it is also possible that the webserver downloads the file from the supplied website and stores it locally on the server.
+An attachment is a file that can be associated with another entity (like a Part, Storelocation, User, etc.). This could
+for example be a datasheet in a Part, the logo of a vendor or some CAD drawing of a footprint.

-By default all uploaded files, are accessible for everyone (even non logged in users), if the link is known. If your Part-DB instance is publicly available and you want to store private/sensitve files on it, you should mark the attachment as "Private attachment". Private attachments are only accessible to users, which has the permission to access private attachments.
-Please not, that no thumbnails are generated for private attachments, which can have an performance impact.
+An attachment has an attachment type (see below), which groups the attachments logically (and optionally restricts the
+allowed file types), a name describing the attachment and a file. The file can either be uploaded to the server and
+stored there, or given as a link to a file on another web path. If configured in the settings, it is also possible that
+the webserver downloads the file from the supplied website and stores it locally on the server.

-Part-DB ships some preview images for various common footprints like DIP-8 and others, as internal ressources. These can be accessed/searched by typing the keyword in the URL field of a part and choosing one of the choices from the dropdown.
+By default, all uploaded files, are accessible for everyone (even non-logged-in users), if the link is known. If your
+Part-DB instance is publicly available, and you want to store private/sensitive files on it, you should mark the
+attachment as "Private attachment". Private attachments are only accessible to users, which has the permission to access
+private attachments.
+Please not, that no thumbnails are generated for private attachments, which can have a performance impact.
+
+Part-DB ships some preview images for various common footprints like DIP-8 and others, as internal resources. These can
+be accessed/searched by typing the keyword in the URL field of a part and choosing one of the choices from the dropdown.

 ### Preview image / attachment
-Most entities with attachments allow you to select one of the defined attachments as "Preview image". You can select an image attachment here, that previews the entity, this could be a picture of a Part, the logo of a manufacturer or supplier, the schematic symbol of a category or the image of an footprint.
+
+Most entities with attachments allow you to select one of the defined attachments as "Preview image". You can select an
+image attachment here, that previews the entity, this could be a picture of a Part, the logo of a manufacturer or
+supplier, the schematic symbol of a category or the image of a footprint.
 The preview image will be shown in various locations together with the entities name.

-Please note that as long as the picture is not secret, it should be stored on the Part-DB instance (by upload, or letting Part-DB download the file) and *not* be marked as a private attachments, so that thumbnails can be generated for the picture (which improves performance). 
-
+Please note that as long as the picture is not secret, it should be stored on the Part-DB instance (by upload, or
+letting Part-DB download the file) and *not* be marked as a private attachments, so that thumbnails can be generated for
+the picture (which improves performance).

 ### Attachment types
-Attachment types define logical groups of attachments. For example you could define an attachment group "Datasheets" where all datasheets of Parts, Footprints, etc. belong in, "Pictures" for preview images and more.
+
+Attachment types define logical groups of attachments. For example, you could define an attachment group "Datasheets"
+where all datasheets of Parts, Footprints, etc. belong in, "Pictures" for preview images and more.
 You can define file type restrictions, which file types and extensions are allowed for files with that attachment type.

 ## User System
-### User
-Each person which should be able to use Part-DB (by logging in) is represented by an user entity, which defines things like access rights, the password, and other things. For security reasons, every person which will use Part-DB should use its own personal account with an secret password. This allows to track activity of the users via the log.

-There is a special user called `anonymous`, whose access rights are used to determine what an non-logged in user can do. Normally the anonymous user should be the most restricted user.
+### User
+
+Each person which should be able to use Part-DB (by logging in) is represented by a user entity, which defines things
+like access rights, the password, and other things. For security reasons, every person which will use Part-DB should use
+its own personal account with a secret password. This allows to track activity of the users via the log.
+
+There is a special user called `anonymous`, whose access rights are used to determine what a non-logged in user can do.
+Normally the anonymous user should be the most restricted user.

 For simplification of access management users can be assigned to groups.

 ### Group
-A group is entity, to which users can be assigned to. This can be used to logically group users by for example organisational structures and to simplify permissions managment, as you can define groups with access rights for common use cases and then just assign users to them, without the need to change every permission on the users individually.
+
+A group is entity, to which users can be assigned to. This can be used to logically group users by for example
+organisational structures and to simplify permissions management, as you can define groups with access rights for common
+use cases and then just assign users to them, without the need to change every permission on the users individually.

 ## Labels
-### Label profiles
-A label profile represents an template for a label (for a storelocation, a part or part lot). It consists of a size, an barcode type and the content. There are various placeholders which can be inserted in the text content and which will be used replaced with data for the actual thing.

-You do not have to define a label profile to generate labels (you can just set the settings on the fly in the label dialog), however if you want to generate many labels, it is recommended to save the settings as label profile, to save it for later usage. This ensures that all generated labels look the same.
+### Label profiles
+
+A label profile represents a template for a label (for a storage location, a part or part lot). It consists of a size, a
+barcode type and the content. There are various placeholders which can be inserted in the text content and which will be
+used replaced with data for the actual thing.
+
+You do not have to define a label profile to generate labels (you can just set the settings on the fly in the label
+dialog), however if you want to generate many labels, it is recommended to save the settings as label profile, to save
+it for later usage. This ensures that all generated labels look the same.
--- a/docs/configuration.md
+++ b/docs/configuration.md
@@ -6,74 +6,218 @@ nav_order: 5

 # Configuration

-Part-DBs behavior can be configured to your needs. There are different kind of configuration options: Options which are user changable (changable dynamically via frontend), options which can be configured by environment variables, and options which are only configurable via symfony config files.
+Part-DBs behavior can be configured to your needs. There are different kind of configuration options: Options which are
+user changeable (changeable dynamically via frontend), options which can be configured by environment variables, and
+options which are only configurable via symfony config files.

-## User changable
-Following things can be changed for every user and a user can change it for himself (if he has the correct permission for it). Configuration is either possible via the users own setting page (where you can also change the password) or via the user admin page:
-* **Language**: The language that the users prefers, and which will be used when no language is explicitly specified. Language can still always be changed via the language selector. By default the global configured language is used.
-* **Timezone**: The timezone which the user resides in and in which all dates and times should be shown. By default the globally configured language.
+## User changeable
+
+Following things can be changed for every user and a user can change it for himself (if he has the correct permission
+for it). Configuration is either possible via the users own setting page (where you can also change the password) or via
+the user admin page:
+
+* **Language**: The language that the users prefers, and which will be used when no language is explicitly specified.
+  Language can still always be changed via the language selector. By default, the global configured language is used.
+* **Timezone**: The timezone which the user resides in and in which all dates and times should be shown. By default, the
+  globally configured language.
 * **Theme**: The theme to use for the frontend. Allows the user to choose the frontend design, he prefers.
-* **Prefered currency**: One of the defined currencies, in which all prices should be shown, if possible. Prices with other currencies will be converted to the price selected here
+* **Preferred currency**: One of the defined currencies, in which all prices should be shown, if possible. Prices with
+  other currencies will be converted to the price selected here

 ## Environment variables (.env.local)
-The following configuration options can only be changed by the server administrator, by either changing the server variables, changing the `.env.local` file or setting env for your docker container. Here are just the most important options listed, see `.env` file for full list of possible env variables.
+
+The following configuration options can only be changed by the server administrator, by either changing the server
+variables, changing the `.env.local` file or setting env for your docker container. Here are just the most important
+options listed, see `.env` file for full list of possible env variables.

 ### General options
-* `DATABASE_URL`: Configures the database which Part-DB uses. For mysql use a string in the form of `mysql://<USERNAME>:<PASSWORD>@<HOST>:<PORT>/<TABLE_NAME>` here (e.g. `DATABASE_URL=mysql://user:password@127.0.0.1:3306/part-db`. For sqlite use the following format to specify the absolute path where it should be located `sqlite:///path/part/app.db`. You can use `%kernel.project_dir%` as placeholder for the Part-DB root folder (e.g. `sqlite:///%kernel.project_dir%/var/app.db`)
-* `DEFAULT_LANG`: The default language to use serverwide (when no language is explictly specified by a user or via language chooser). Must be something like `en`, `de`, `fr`, etc.
-* `DEFAULT_TIMEZONE`: The default timezone to use globally, when a user has not timezone specified. Must be something like `Europe/Berlin`. See [here](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones) under TZ Database name for a list of available options.
-* `BASE_CURRENCY`: The currency to use internally for monetary values and when no currency is explictly specified. When migrating from a legacy Part-DB version, this should be the same as the currency in the old Part-DB instance (normally euro). This should be the currency you use the most. **Please note that you can not really change this setting after you have created data**. The value has to be a valid [ISO4217](https://en.wikipedia.org/wiki/ISO_4217) code, like `EUR` or `USD`.
-* `INSTANCE_NAME`: The name of your installation. It will be shown as a title in the navbar and other places. By default `Part-DB`, but you can customize it to something likes `ExampleCorp. Inventory`.
-* `ALLOW_ATTACHMENT_DOWNLOADS` (allowed values `0` or `1`): By setting this option to 1, users can make Part-DB directly download a file specified as an URL and create it as local file. Please not that this allows users access to all ressources publicly available to the server (so full access to other servers in the same local network), which could be a security risk.
-* `USE_GRAVATAR`: Set to `1` to use [gravatar.com](gravatar.com) images for user avatars (as long as they have not set their own picture). The users browsers have to download the pictures from a third-party (gravatars) server, so this might be a privacy risk.

+* `DATABASE_URL`: Configures the database which Part-DB uses. For mysql use a string in the form
+  of `mysql://<USERNAME>:<PASSWORD>@<HOST>:<PORT>/<TABLE_NAME>` here
+  (e.g. `DATABASE_URL=mysql://user:password@127.0.0.1:3306/part-db`). For sqlite use the following format to specify the
+  absolute path where it should be located `sqlite:///path/part/app.db`. You can use `%kernel.project_dir%` as
+  placeholder for the Part-DB root folder (e.g. `sqlite:///%kernel.project_dir%/var/app.db`)
+* `DEFAULT_LANG`: The default language to use server wide (when no language is explicitly specified by a user or via
+  language chooser). Must be something like `en`, `de`, `fr`, etc.
+* `DEFAULT_TIMEZONE`: The default timezone to use globally, when a user has no timezone specified. Must be something
+  like `Europe/Berlin`. See [here](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones) under TZ Database name
+  for a list of available options.
+* `BASE_CURRENCY`: The currency to use internally for monetary values and when no currency is explicitly specified. When
+  migrating from a legacy Part-DB version, this should be the same as the currency in the old Part-DB instance (normally
+  euro). This should be the currency you use the most. **Please note that you can not really change this setting after
+  you have created data**. The value has to be a valid [ISO4217](https://en.wikipedia.org/wiki/ISO_4217) code,
+  like `EUR` or `USD`.
+* `INSTANCE_NAME`: The name of your installation. It will be shown as a title in the navbar and other places. By
+  default `Part-DB`, but you can customize it to something likes `ExampleCorp. Inventory`.
+* `ALLOW_ATTACHMENT_DOWNLOADS` (allowed values `0` or `1`): By setting this option to 1, users can make Part-DB directly
+  download a file specified as a URL and create it as local file. Please note that this allows users access to all
+  resources publicly available to the server (so full access to other servers in the same local network), which could
+  be a security risk.
+* `USE_GRAVATAR`: Set to `1` to use [gravatar.com](https://gravatar.com/) images for user avatars (as long as they have
+  not set their own picture). The users browsers have to download the pictures from a third-party (gravatar) server, so
+  this might be a privacy risk.
+* `MAX_ATTACHMENT_FILE_SIZE`: The maximum file size (in bytes) for attachments. You can use the suffix `K`, `M` or `G`
+  to specify the size in kilobytes, megabytes or gigabytes. By default `100M` (100 megabytes). Please note that this
+  only the limit of Part-DB. You still need to configure the php.ini `upload_max_filesize` and `post_max_size` to allow
+  bigger files to be uploaded.
+* `DEFAULT_URI`: The default URI base to use for the Part-DB, when no URL can be determined from the browser request.
+  This should be the primary URL/Domain, which is used to access Part-DB. This value is used to create correct links in
+  emails and other places, where the URL is needed. It is also used, when SAML is enabled.s If you are using a reverse
+  proxy, you should set this to the URL of the reverse proxy (e.g. `https://part-db.example.com`). **This value must end
+  with a slash**.
+* `ENFORCE_CHANGE_COMMENTS_FOR`: With this option you can configure, where users are enforced to give a change reason,
+  which will be written to the log. This is a comma separated list of values (e.g. `part_edit,part_delete`). Leave empty
+  to make change comments optional everywhere. Possible values are:
+    * `part_edit`: Edit operation of an existing part
+    * `part_delete`: Delete operation of an existing part
+    * `part_create`: Creation of a new part
+    * `part_stock_operation`: Stock operation on a part (therefore withdraw, add or move stock)
+    * `datastructure_edit`: Edit operation of an existing datastructure (e.g. category, manufacturer, ...)
+    * `datastructure_delete`: Delete operation of a existing datastructure (e.g. category, manufacturer, ...)
+    * `datastructure_create`: Creation of a new datastructure (e.g. category, manufacturer, ...)
+* `CHECK_FOR_UPDATES` (default `1`): Set this to 0, if you do not want Part-DB to connect to GitHub to check for new
+  versions, or if your server can not connect to the internet.

 ### E-Mail settings
-* `MAILER_DSN`: You can configure the mail provider which should be used for email delivery (see https://symfony.com/doc/current/components/mailer.html for full documentation). If you just want to use an SMTP mail account, you can use the following syntax `MAILER_DSN=smtp://user:password@smtp.mailserver.invalid:587`
-* `EMAIL_SENDER_EMAIL`: The email address from which emails should be sent from (in most cases this has to be the same as the email address used for SMTP access)
-* `EMAIL_SENDER_NAME`: Similar to `EMAIL_SENDER_EMAIL` but this allows you to specify the name from which the mails are sent from.
-* `ALLOW_EMAIL_PW_RESET`: Set this value to true, if you wan to allow users to reset their password via an email notification. You have to configure the mailprovider first before via the MAILER_DSN setting.
+
+* `MAILER_DSN`: You can configure the mail provider which should be used for email delivery (
+  see https://symfony.com/doc/current/components/mailer.html for full documentation). If you just want to use an SMTP
+  mail account, you can use the following syntax `MAILER_DSN=smtp://user:password@smtp.mailserver.invalid:587`
+* `EMAIL_SENDER_EMAIL`: The email address from which emails should be sent from (in most cases this has to be the same
+  as the email address used for SMTP access)
+* `EMAIL_SENDER_NAME`: Similar to `EMAIL_SENDER_EMAIL` but this allows you to specify the name from which the mails are
+  sent from.
+* `ALLOW_EMAIL_PW_RESET`: Set this value to true, if you want to allow users to reset their password via an email
+  notification. You have to configure the mailprovider first before via the MAILER_DSN setting.
+
+### Table related settings
+
+* `TABLE_DEFAULT_PAGE_SIZE`: The default page size for tables. This is the number of rows which are shown per page. Set
+  to `-1` to disable pagination and show all rows at once.
+* `TABLE_PARTS_DEFAULT_COLUMNS`: The columns in parts tables, which are visible by default (when loading table for first
+  time).
+  Also specify the default order of the columns. This is a comma separated list of column names. Available columns
+  are: `name`, `id`, `ipn`, `description`, `category`, `footprint`, `manufacturer`, `storage_location`, `amount`, `minamount`, `partUnit`, `addedDate`, `lastModified`, `needs_review`, `favorite`, `manufacturing_status`, `manufacturer_product_number`, `mass`, `tags`, `attachments`, `edit`.

 ### History/Eventlog related settings
-The following options are used to configure, which (and how much) data is written to the system log:
-* `HISTORY_SAVE_CHANGED_FIELDS`: When this option is set to true, the name of the fields which are changed, are saved to the DB (so for example it is logged that a user has changed, that the user has changed the name and description of the field, but not the data/content of these changes)
-* `HISTORY_SAVE_CHANGED_DATA`: When this option is set to true, the changed data is saved to log (so it is logged, that a user has changed the name of a part and what the name was before). This can increase database size, when you have a lot of changes to enties.
-* `HISTORY_SAVE_REMOVED_DATA`: When this option is set to true, removed data is saved to log, meaning that you can easily undelete an entity, when it was removed accidentally.

-If you wanna use want to revert changes or view older revisions of entities, then `HISTORY_SAVE_CHANGED_FIELDS`, `HISTORY_SAVE_CHANGED_DATA` and `HISTORY_SAVE_REMOVED_DATA` all have to be true.
+The following options are used to configure, which (and how much) data is written to the system log:
+
+* `HISTORY_SAVE_CHANGED_FIELDS`: When this option is set to true, the name of the fields which are changed, are saved to
+  the DB (so for example it is logged that a user has changed, that the user has changed the name and description of the
+  field, but not the data/content of these changes)
+* `HISTORY_SAVE_CHANGED_DATA`: When this option is set to true, the changed data is saved to log (so it is logged, that
+  a user has changed the name of a part and what the name was before). This can increase database size, when you have a
+  lot of changes to entities.
+* `HISTORY_SAVE_REMOVED_DATA`: When this option is set to true, removed data is saved to log, meaning that you can
+  easily undelete an entity, when it was removed accidentally.
+* `HISTORY_SAVE_NEW_DATA`: When this option is set to true, the new data (the data after a change) is saved to element
+  changed log entries. This allows you to easily see the changes between two revisions of an entity. This can increase
+  database size, when you have a lot of changes to entities.
+
+If you want to use want to revert changes or view older revisions of entities,
+then `HISTORY_SAVE_CHANGED_FIELDS`, `HISTORY_SAVE_CHANGED_DATA` and `HISTORY_SAVE_REMOVED_DATA` all have to be true.

 ### Error pages settings
-* `ERROR_PAGE_ADMIN_EMAIL`: You can set an email-address here, which is shown on the error page, who should be contacted about the issue (e.g. an IT support email of your company)
-* `ERROR_PAGE_SHOW_HELP`: Set this 0, to disable the solution hints shown on an error page. These hints should not contain senstive informations, but could confuse end-users.
+
+* `ERROR_PAGE_ADMIN_EMAIL`: You can set an email-address here, which is shown on the error page, who should be contacted
+  about the issue (e.g. an IT support email of your company)
+* `ERROR_PAGE_SHOW_HELP`: Set this 0, to disable the solution hints shown on an error page. These hints should not
+  contain sensitive information, but could confuse end-users.
+
+### SAML SSO settings
+
+The following settings can be used to enable and configure Single-Sign on via SAML. This allows users to log in to
+Part-DB without entering a username and password, but instead they are redirected to a SAML Identity Provider (IdP) and
+are logged in automatically. This is especially useful, when you want to use Part-DB in a company, where all users have
+a SAML account (e.g. via Active Directory or LDAP).
+You can find more advanced settings in the `config/packages/hslavich_onelogin_saml.yaml` file. Please note that this
+file is not backed up by the backup script, so you have to back up it manually, if you want to keep your changes. If you
+want to edit it on docker, you have to map the file to a volume.
+
+* `SAML_ENABLED`: When this is set to 1, SAML SSO is enabled and the SSO Login button is shown in the login form. You
+  have to configure the SAML settings below, before you can use this feature.
+* `SAML_BEHIND_PROXY`: Set this to 1, if Part-DB is behind a reverse proxy. See [here]({% link installation/reverse-proxy.md %})
+  for more information. Otherwise, leave it to 0 (default.)
+* `SAML_ROLE_MAPPING`: A [JSON](https://en.wikipedia.org/wiki/JSON) encoded map which specifies how Part-DB should
+  convert the user roles given by SAML attribute `group` should be converted to a Part-DB group (specified by ID). You
+  can use a wildcard `*` to map all otherwise unmapped roles to a certain group.
+  Example: `{"*": 1, "admin": 2, "editor": 3}`. This would map all roles to the group with ID 1, except the
+  role `admin`, which is mapped to the group with ID 2 and the role `editor`, which is mapped to the group with ID 3.
+* `SAML_UPDATE_GROUP_ON_LOGIN`: When this is enabled the group of the user is updated on every login of the user based
+  on the SAML role attributes. When this is disabled, the group is only assigned on the first login of the user, and a
+  Part-DB administrator can change the group afterward by editing the user.
+* `SAML_IDP_ENTITY_ID`: The entity ID of your SAML Identity Provider (IdP). You can find this value in the metadata XML
+  file or configuration UI of your IdP.
+* `SAML_IDP_SINGLE_SIGN_ON_SERVICE`: The URL of the SAML IdP Single Sign-On Service (SSO). You can find this value in
+  the metadata XML file or configuration UI of your IdP.
+* `SAML_IDP_SINGLE_LOGOUT_SERVICE`: The URL of the SAML IdP Single Logout Service (SLO). You can find this value in the
+  metadata XML file or configuration UI of your IdP.
+* `SAML_IDP_X509_CERT`: The base64 encoded X.509 public certificate of your SAML IdP. You can find this value in the
+  metadata XML file or configuration UI of your IdP. It should start with `MIIC` and end with `=`.
+* `SAML_SP_ENTITY_ID`: The entity ID of your SAML Service Provider (SP). This is the value you have configured for the
+  Part-DB client in your IdP.
+* `SAML_SP_X509_CERT`: The public X.509 certificate of your SAML SP (here Part-DB). This is the value you have
+  configured for the Part-DB client in your IdP. It should start with `MIIC` and end with `=`. IdPs like keycloak allows
+  you to generate a public/private key pair for the client which you can set up here and in the `SAML_SP_PRIVATE_KEY`
+  setting.
+* `SAML_SP_PRIVATE_KEY`: The private key of your SAML SP (here Part-DB), corresponding the public key specified
+  in `SAML_SP_X509_CERT`. This is the value you have configured for the Part-DB client in your IdP. It should start
+  with `MIIE` and end with `=`. IdPs like keycloak allows you to generate a public/private key pair for the client which
+  you can set up here and in the `SAML_SP_X509_CERT` setting.
+
+### Information provider settings
+
+The settings prefixes with `PROVIDER_*` are used to configure the information providers.
+See the [information providers]({% link usage/information_provider_system.md %}) page for more information.

 ### Other / less used options
-* `TRUSTED_PROXIES`: Set the IP addresses (or IP blocks) of trusted reverse proxies here. This is needed to get correct IP informations (see [here](https://symfony.com/doc/current/deployment/proxies.html) for more info).
-* `TRUSTED_HOSTS`: To prevent `HTTP Host header attacks` you can set a regex containing all host names via which Part-DB should be accessible. If accessed via the wrong hostname, an error will be shown.
-* `DEMO_MODE`: Set Part-DB into demo mode, which forbids users to change their passwords and settings. Used for the demo instance, should not be needed for normal installations.
-* `NO_URL_REWRITE_AVAILABLE` (allowed values `true` or `false`): Set this value to true, if your webserver does not support rewrite. In this case, all URL pathes will contain index.php/, which is needed then. Normally this setting do not need to be changed.
-* `FIXER_API_KEY`: If you want to automatically retrieve exchange rates for base currencies other than euros, you have configure an exchange rate provider API. [Fixer.io](https://fixer.io/) is preconfigured, and you just have to register there and set the retrieved API key in this environment variable.
-* `APP_ENV`: This value should always be set to `prod` in normal use. Set it to `dev` to enable debug/development mode. (**You should not do this on a publicly accessible server, as it will leak sensitive informations!**)
-* `BANNER`: You can configure the text that should be shown as the banner on the homepage. Useful especially for docker container. In all other applications you can just change the `config/banner.md` file.
+
+* `TRUSTED_PROXIES`: Set the IP addresses (or IP blocks) of trusted reverse proxies here. This is needed to get correct
+  IP information (see [here](https://symfony.com/doc/current/deployment/proxies.html) for more info).
+* `TRUSTED_HOSTS`: To prevent `HTTP Host header attacks` you can set a regex containing all host names via which Part-DB
+  should be accessible. If accessed via the wrong hostname, an error will be shown.
+* `DEMO_MODE`: Set Part-DB into demo mode, which forbids users to change their passwords and settings. Used for the demo
+  instance, should not be needed for normal installations.
+* `NO_URL_REWRITE_AVAILABLE` (allowed values `true` or `false`): Set this value to true, if your webserver does not
+  support rewrite. In this case, all URL paths will contain index.php/, which is needed then. Normally this setting do
+  not need to be changed.
+* `FIXER_API_KEY`: If you want to automatically retrieve exchange rates for base currencies other than euros, you have to
+  configure an exchange rate provider API. [Fixer.io](https://fixer.io/) is preconfigured, and you just have to register
+  there and set the retrieved API key in this environment variable.
+* `APP_ENV`: This value should always be set to `prod` in normal use. Set it to `dev` to enable debug/development
+  mode. (**You should not do this on a publicly accessible server, as it will leak sensitive information!**)
+* `BANNER`: You can configure the text that should be shown as the banner on the homepage. Useful especially for docker
+  container. In all other applications you can just change the `config/banner.md` file.

 ## Banner
+
 To change the banner you can find on the homepage, you can either set the `BANNER` environment variable to the text you
 want to show, or you can edit the `config/banner.md` file. The banner is written in markdown, so you can use all
 markdown (and even some subset of HTML) syntax to format the text.

 ## parameters.yaml
-You can also configure some options via the `config/parameters.yaml` file. This should normally not needed, 
-and you should know what you are doing, when you change something here. You should expect, that you will have to do some 
-manual merge, when you have changed something here and update to a newer version of Part-DB. It is possible that configuration
+
+You can also configure some options via the `config/parameters.yaml` file. This should normally not need,
+and you should know what you are doing, when you change something here. You should expect, that you will have to do some
+manual merge, when you have changed something here and update to a newer version of Part-DB. It is possible that
+configuration
 options here will change or completely removed in future versions of Part-DB.

-If you change something here, you have to clear the cache, before the changes will take effect with the command `bin/console cache:clear`.
+If you change something here, you have to clear the cache, before the changes will take effect with the
+command `bin/console cache:clear`.

 The following options are available:

-* `partdb.global_theme`: The default theme to use, when no user specific theme is set. Should be one of the themes from the `partdb.available_themes` config option.
-* `partdb.locale_menu`: The codes of the languages, which should be shown in the language chooser menu (the one with the user icon in the navbar). The first language in the list will be the default language.
-* `partdb.gpdr_compliance`: When set to true (default value), IP addresses which are saved in the database will be anonymized, by removing the last byte of the IP. This is required by the GDPR (General Data Protection Regulation) in the EU.
-* `partdb.sidebar.items`: The panel contents which should be shown in the sidebar by default. You can also change the number of sidebar panels by changing the number of items in this list.
+* `partdb.global_theme`: The default theme to use, when no user specific theme is set. Should be one of the themes from
+  the `partdb.available_themes` config option.
+* `partdb.locale_menu`: The codes of the languages, which should be shown in the language chooser menu (the one with the
+  user icon in the navbar). The first language in the list will be the default language.
+* `partdb.gdpr_compliance`: When set to true (default value), IP addresses which are saved in the database will be
+  anonymized, by removing the last byte of the IP. This is required by the GDPR (General Data Protection Regulation) in
+  the EU.
+* `partdb.sidebar.items`: The panel contents which should be shown in the sidebar by default. You can also change the
+  number of sidebar panels by changing the number of items in this list.
 * `partdb.sidebar.root_node_enable`: Show a root node in the sidebar trees, of which all nodes are children of
 * `partdb.sidebar.root_expanded`: Expand the root node in the sidebar trees by default
 * `partdb.available_themes`: The list of available themes a user can choose from.
--- a/docs/index.md
+++ b/docs/index.md
@@ -5,37 +5,50 @@ nav_order: 0
 ---

 # Part-DB
+
 Part-DB is an Open-Source inventory management system for your electronic components.
 It is installed on a web server and so can be accessed with any browser without the need to install additional software.

 {: .important-title }
 > Demo
-> 
-> If you want to test Part-DB without installing it, you can use [this](https://part-db.herokuapp.com) Heroku instance. 
-> (Or this link for the [German Version](https://part-db.herokuapp.com/de/)). 
+>
+> If you want to test Part-DB without installing it, you can use [this](https://demo.part-db.de/) Heroku instance.
+> (Or this link for the [German Version](https://demo.part-db.de/de/)).
 >
 > You can log in with username: **user** and password: **user**, to change/create data.
 >
-> Every change to the master branch gets automatically deployed, so it represents the currenct development progress and is
-> maybe not completly stable. Please mind, that the free Heroku instance is used, so it can take some time when loading the page
+> Every change to the master branch gets automatically deployed, so it represents the current development progress and
+> is
+> maybe not completely stable. Please mind, that the free Heroku instance is used, so it can take some time when loading
+> the page
 > for the first time.

 ## Features
+
 * Inventory management of your electronic parts. Each part can be assigned to a category, footprint, manufacturer
-  and multiple store locations and price information. Parts can be grouped using tags. You can associate various files like datasheets or pictures with the parts.
+  and multiple store locations and price information. Parts can be grouped using tags. You can associate various files
+  like datasheets or pictures with the parts.
 * Multi-Language support (currently German, English, Russian, Japanese and French (experimental))
 * Barcodes/Labels generator for parts and storage locations, scan barcodes via webcam using the builtin barcode scanner
 * User system with groups and detailed (fine granular) permissions.
-  Two-factor authentication is supported (Google Authenticator and Webauthn/U2F keys) and can be enforced for groups. Password reset via email can be setuped.
-* Import/Export system (partial working)
-* Project management: Create projects and assign parts to the bill of material (BOM), to show how often you could build this project and directly withdraw all components needed from DB
-* Event log: Track what changes happens to your inventory, track which user does what. Revert your parts to older versions.
+  Two-factor authentication is supported (Google Authenticator and Webauthn/U2F keys) and can be enforced for groups.
+  Password reset via email can be setup.
+* Optional support for single sign-on (SSO) via SAML (using an intermediate service
+  like [Keycloak](https://www.keycloak.org/) you can connect Part-DB to an existing LDAP or Active Directory server)
+* Import/Export system
+* Project management: Create projects and assign parts to the bill of material (BOM), to show how often you could build
+  this project and directly withdraw all components needed from DB
+* Event log: Track what changes happens to your inventory, track which user does what. Revert your parts to older
+  versions.
 * Responsive design: You can use Part-DB on your PC, your tablet and your smartphone using the same interface.
 * MySQL and SQLite supported as database backends
 * Support for rich text descriptions and comments in parts
 * Support for multiple currencies and automatic update of exchange rates supported
 * Powerful search and filter function, including parametric search (search for parts according to some specifications)
-
+* Easy migration from an existing PartKeepr instance (see [here]({%link partkeepr_migration.md %}))
+* Use cloud providers (like Octopart, Digikey, farnell or TME) to automatically get part information, datasheets and
+  prices for parts (see [here]({% link usage/information_provider_system.md %}))
+* API to access Part-DB from other applications/scripts

 With these features Part-DB is useful to hobbyists, who want to keep track of their private electronic parts inventory,
 or makerspaces, where many users have should have (controlled) access to the shared inventory.
@@ -43,25 +56,31 @@ or makerspaces, where many users have should have (controlled) access to the sha
 Part-DB is also used by small companies and universities for managing their inventory.

 ## License
+
 Part-DB is licensed under the GNU Affero General Public License v3.0 (or at your opinion any later).
 This mostly means that you can use Part-DB for whatever you want (even use it commercially)
 as long as you publish the source code for every change you make under the AGPL, too.

-See [LICENSE](https://github.com/Part-DB/Part-DB-symfony/blob/master/LICENSE) for more informations.
+See [LICENSE](https://github.com/Part-DB/Part-DB-symfony/blob/master/LICENSE) for more information.

 ## Donate for development
+
 If you want to donate to the Part-DB developer, see the sponsor button in the top bar (next to the repo name).
 There you will find various methods to support development on a monthly or a one time base.

 ## Built with
+
 * [Symfony 5](https://symfony.com/): The main framework used for the serverside PHP
 * [Bootstrap 5](https://getbootstrap.com/) and [Bootswatch](https://bootswatch.com/): Used as website theme
 * [Fontawesome](https://fontawesome.com/): Used as icon set
-* [Hotwire Stimulus](https://stimulus.hotwired.dev/) and [Hotwire Turbo](https://turbo.hotwired.dev/): Frontend Javascript
+* [Hotwire Stimulus](https://stimulus.hotwired.dev/) and [Hotwire Turbo](https://turbo.hotwired.dev/): Frontend
+  Javascript

 ## Authors
-* **Jan Böhmer** - *Inital work and Maintainer* - [Github](https://github.com/jbtronics/)

-See also the list of [contributors](https://github.com/Part-DB/Part-DB-symfony/graphs/contributors) who participated in this project.
+* **Jan Böhmer** - *Initial work and Maintainer* - [GitHub](https://github.com/jbtronics/)
+
+See also the list of [contributors](https://github.com/Part-DB/Part-DB-symfony/graphs/contributors) who participated in
+this project.

 Based on the original Part-DB by Christoph Lechner and K. Jacobs
--- a/docs/installation/choosing_database.md
+++ b/docs/installation/choosing_database.md
@@ -7,24 +7,38 @@ nav_order: 1

 # Choosing database: SQLite or MySQL

-Part-DB saves its data in a [relational (SQL) database](https://en.wikipedia.org/wiki/Relational_database). Part-DB supports either the use of [SQLite](https://www.sqlite.org/index.html) or [MySQL](https://www.mysql.com/) / [MariaDB](https://mariadb.org/) (which are mostly the same, except for some minor differences).
+Part-DB saves its data in a [relational (SQL) database](https://en.wikipedia.org/wiki/Relational_database). Part-DB
+supports either the use of [SQLite](https://www.sqlite.org/index.html)
+or [MySQL](https://www.mysql.com/) / [MariaDB](https://mariadb.org/) (which are mostly the same, except for some minor
+differences).

 {: .important }
-You have to choose between the database types before you start using Part-DB and **you can not change it (easily) after you have started creating data**. So you should choose the database type for your usecase (and possible future uses).
+You have to choose between the database types before you start using Part-DB and **you can not change it (easily) after
+you have started creating data**. So you should choose the database type for your use case (and possible future uses).

 ## Comparison

-**SQLite** is the default database type which is configured out of the box. All data is saved in a single file (normally `var/app.db` in the Part-DB folder) and no additional installation or configuration besides Part-DB is needed.
-To use **MySQL/MariaDB** as database, you have to install and configure the MySQL server, configure it and create a database and user for Part-DB, which needs some additional work. When using docker you need an additional docker container, and volume for the data
+**SQLite** is the default database type which is configured out of the box. All data is saved in a single file (
+normally `var/app.db` in the Part-DB folder) and no additional installation or configuration besides Part-DB is needed.
+To use **MySQL/MariaDB** as database, you have to install and configure the MySQL server, configure it and create a
+database and user for Part-DB, which needs some additional work. When using docker you need an additional docker
+container, and volume for the data

-When using **SQLite** The database can be backuped easily by just copying the SQLite file to a safe place. Ideally the **MySQL** database has to be dumped to a SQL file (using `mysqldump`). The `console partdb:backup` command can do this automatically
- 
-However SQLite does not support certain operations like regex search, which has to be emulated by PHP and therefore are pretty slow compared to the same operation at MySQL. In future there might be features that may only be available, when using MySQL. 
+When using **SQLite** The database can be backuped easily by just copying the SQLite file to a safe place. Ideally the *
+*MySQL** database has to be dumped to a SQL file (using `mysqldump`). The `console partdb:backup` command can do this
+automatically

-In general MySQL might perform better for big Part-DB instances with many entries, lots of users and high activity, than SQLite.
+However, SQLite does not support certain operations like regex search, which has to be emulated by PHP and therefore are
+pretty slow compared to the same operation at MySQL. In future there might be features that may only be available, when
+using MySQL.
+
+In general MySQL might perform better for big Part-DB instances with many entries, lots of users and high activity, than
+SQLite.

 ## Conclusion and Suggestion

-When you are a hobbyist and use Part-DB for your own small inventory managment with only you as user (or maybe sometimes a few other people), then the easy to use SQLite database will be fine.
+When you are a hobbyist and use Part-DB for your own small inventory management with only you as user (or maybe sometimes
+a few other people), then the easy-to-use SQLite database will be fine.

-When you are planning to have a very big database, with a lot of entries and many users which regulary (and concurrently) using Part-DB you should maybe use MySQL as this will scale better.
+When you are planning to have a very big database, with a lot of entries and many users which regularly (and
+concurrently) using Part-DB you should maybe use MySQL as this will scale better.
--- a/docs/installation/email.md
+++ b/docs/installation/email.md
@@ -7,31 +7,34 @@ nav_order: 12

 # Email

-Part-DB can communicate with its users via email. 
+Part-DB can communicate with its users via email.
 At the moment this is only used to send password reset links, but in future this will be used for other things too.

 To make emails work you have to properly configure a mail provider in Part-DB.

 ## Configuration
-Part-DB uses [Symfony Mailer](https://symfony.com/doc/current/mailer.html) to send emails, which supports multiple
-automatic mail providers (like MailChimp or SendGrid). If you want to use one of these providers, check the Symfony Mailer documentation for more information.

-We will only cover the configuration of a SMTP provider here, which is sufficient for most usecases.
-You will need an email account, which you can use send emails from via password-bases SMTP authentication, this account 
+Part-DB uses [Symfony Mailer](https://symfony.com/doc/current/mailer.html) to send emails, which supports multiple
+automatic mail providers (like MailChimp or SendGrid). If you want to use one of these providers, check the Symfony
+Mailer documentation for more information.
+
+We will only cover the configuration of an SMTP provider here, which is sufficient for most use-cases.
+You will need an email account, which you can use send emails from via password-bases SMTP authentication, this account
 should be dedicated to Part-DB.

 To configure the SMTP provider, you have to set the following environment variables:

-`MAILER_DSN`: You have to provide the SMTP server address and the credentials for the email account here. The format is the following:
-`smtp://<username>:<password>@<smtp-server-address>:<port>`. In most cases the username is the email address of the account, and the port is 587.
+`MAILER_DSN`: You have to provide the SMTP server address and the credentials for the email account here. The format is
+the following:
+`smtp://<username>:<password>@<smtp-server-address>:<port>`. In most cases the username is the email address of the
+account, and the port is 587.
 So the resulting DSN could look like this: `smtp://j.doe@mail.invalid:SUPER_SECRET_PA$$WORD@smtp.mail.invalid:587`.

 `EMAIL_SENDER_EMAIL`: This is the email address which will be used as sender address for all emails sent by Part-DB.
-This should be the same email address as the one used in the `MAILER_DSN` (the email adress of your email account):
+This should be the same email address as the one used in the `MAILER_DSN` (the email address of your email account):
 e.g. `j.doe@mail.invalid`.

-`EMAIL_SENDER_NAME`: This is the name which will be used as sender name for all emails sent by Part-DB. 
+`EMAIL_SENDER_NAME`: This is the name which will be used as sender name for all emails sent by Part-DB.
 This can be anything you want, e.g. `My Part-DB Mailer`.

-
 Now you can enable the possibility to reset password by setting the `ALLOW_EMAIL_PW_RESET` env to `1` (or `true`).
--- a/Show More
+++ b/Show More
@@ -1 +1 @@
 .0.2
 .9.0
				`@@ -0,0 +1 @@`
				`Put your font ttf files in this folder to make them available to the label generator.`